Security Engineer
Ref No.: 16-05908
Location: Santa Clara, California
Start Date: 09/06/2016
• Work with one of Client's prized clients in the heart of Silicon Valley by ensuring security for critical infrastructure.
• We are looking for a talented, hands-on security professional who has deep technical knowledge and also likes contributing to the strategic direction.
• In this role you will get to work with the full array of security solutions as well as support the security provisions throughout the environment's infrastructure – networks, servers, desktops and applications.
• You will also contribute toward strategic planning based on risk assessments and analysis.

Responsibilities:
• Implement and support comprehensive security controls using a defense in depth approach
• Network security through segmentation and firewall zoning
• Implement ACL policies and secure configurations in firewalls, routers, switches, VPNs and load balancers
• Endpoint security management to prevent malware and insider threats
• Rapid response for MS-ISAC security alerts, including coordination with the Networking team, Security Engineering team, Endpoint and other appropriate parties
• Daily analysis of Zscaler Advanced Behavior Analysis tool
• Analyses of security trends and overall network health with Cisco Prime Infrastructure 3.1 and Cisco Identity Services Engine 2.0
• Email security through Spam filtering and use of SPF & DMARC
• Advise on application security based on OWASP Top 10
• Ensure PCI-DSS compliance
• Monitor SIEM, IPS and event logs for indicators of compromise
• Perform incident response using NIST SP 800-61 standards and determine root causes
• Security awareness training
• Keeping security plans and documentation updated
• Creating and reviewing SOWs and RFPs
• Create and update disaster recovery plans and security policies as needed
• Working with stakeholders to perform risk management and ongoing assessments, and then selecting mitigating and corrective controls based on Pareto analysis
• Proactive client involvement in solving client challenges and business opportunities
• Collaborate with client stakeholders and steering committees to ensure plans and identified solutions meet business needs and expectations.
• Communicate with Client team on a regular basis to provide timely and informative reports and related analysis and recommendations to maintain and improve service delivery
• Provide up-to-date information to clients in response to specific inquiries and meet all commitments ahead of due dates
• Off-hour availability during security incidents and relevant emergent conditions

Required Skills, Experience & Qualifications:
• Experienced with firewalls, routers, switches, SIEM
• Network packet captures and analysis
• Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
• Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods
• Experience collecting, analyzing, and validating open source intelligence

Working knowledge in one or more of the following topics:
• Industrial Control System Security, Third Party Risks/Threats, Extremist Groups and Cyber Terrorists, Hacktivism, Distributed Denial of Service Attacks, Malware, Mobile or Emerging Threats, Social Engineering, Insider Threats
• Microsoft Active Directory, Windows DACL/SACL, and Linux
• Understanding of protocols, such as IPsec, ESP, GRE, SSL/TLS, 802.1x, RADIUS/TACACS, HSRP, GSLB and WCCP
• Understanding of NIST cybersecurity, risk assessment and incident response standards
• A scripting language such as PowerShell or Perl
• Bachelor's degree in Computer Science, Engineering, or Mathematics highly desired
• CISSP, GSEC, CEH, MCSE, and CCNP-Security certification desired
• 5-10 years hands-on security administration or engineering experience
• Client engagement soft skills are required
• Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
• US CITIZENSHIP REQUIRED.

Additional Preferred Skills, Experience & Qualifications:
• Hypervisor security
• Database security
• Identity management and access control
• Multifactor authentication
• Change management process
• Experience with a ticketing system such as Remedy
• Business continuity planning and facilitating business impact analyses with business units
• CCNA Cyber Ops, CISSP, SSCP, CISM, CISA, CEH, GSEC, ECSA, CompTIA Security+, Cisco CCNP