Senior Network Security Engineer
- Woodbridge, NJ
SENIOR NETWORK SECURITY ENGINEER
The Senior Network Security Engineer serves as a technical lead for the IT Security Team and is responsible for the operation, maintenance, monitoring and implementation of IT security technologies, processes and procedures. This role will is well versed in understanding the information technology landscape including security, infrastructure, network, client, server, emerging technology standards and trends. The Senior Network Security Engineer manages and monitors internal and/or outsourced security functions; applies expertise in information security and protection systems to eliminate or reduce unauthorized access, assists with investigation of technology security breaches; identifies security issues; performs and participates in risk assessments; assists in the identification, development and implementation of security solutions; recommends secure solutions utilizing standard best practice security principles; assists in designing, implementing and measures required compliance controls; contributes to the overall security posture of the organization.
- Lead the design, review, and implementation of strategic and tactical security initiatives.
- Identify significant actual and potential cyber security problems, trends, and weaknesses and recommends specific modifications and solutions to reduce information systems security risks.
- Provide architectural design and coordinate the implementation of security solutions to integrate into existing network environment.
- Establish requirements and make recommendations on the appropriate infrastructure protection tools, methods, and technologies.
- Develop strategies for responding to future security challenges.
- Demonstrate effectiveness of the program for implementation on an organization-wide basis.
- Review, create and update security policies, procedures and standards, and present them to management for endorsement.
- Establish technical or procedural enforcements for pertinent policies within the organization.
- Facilitate organizational-wide communications and institute measures to ensure information security awareness and compliance.
- Review new and existing systems, networks, and software designs for potential security risks, and resolve integration security issues across disciplines.
- Define the scope and level of detail for applicable security plans and policies.
- Develop the project plan for the implementation, identify major milestones and activities, and coordinate development and implementation.
- Develop plan and methodology for testing and measuring IT compliancy.
- Recommend action for containment and remediation based on findings, and following up to ensure the implementation of corrective actions.
- Proactively monitor security infrastructure and tools to ensure reliability and integrity of systems and applications.
- Develop and implement operational response procedures to maximize visibility, maintain stability and prioritize criticality of identified issues.
- Investigate and respond rapidly to identify security incidents.
- Acquire, analyze, and interpret forensic images, packet captures and logs to accomplish rapid and accurate incident response.
- Recommend and implement tools, standards and procedures to facilitate future investigations.
- Educate IT team members in security best practices.
- Collaborate with IT Teams to incorporate security best practices into daily workflow and procedures.
- Assist with development and implementation of Security Awareness Training for entire organization.
- Bachelor's degree with a concentration in Computer Science or Business Administration or equivalent work experience required.
- Five (5) + years' experience (7+ years in lieu of degree) in firewalls, routers, proxies, and load balancers.
- Security Certification in good standing (e.g. CISSP, CEH,CISM,etc)
- Excellent oral and written communication skills and interpersonal skills.
- Proficient in security frameworks (e.g. NIST, CIS, etc.)
- Proficient in network protocols (e.g FTP, TCP/IP, SSH).
- Proficient in firewalls, routers, proxies, load balancers.
- Proficient at securing systems (e.g. common operating systems, network equipment).
- Proficient in security concepts such as identity management, least privilege, defense in depth and separation of duties.
- Proficient in Patch Management process and tools.
- Proficient in Virus Scan and Endpoint Protection tools (e.g. McAfee, Sophos, Symantec)
- Proficient in vulnerability assessment tools (e.g. Nessus, Metasploit,etc)
- Working knowledge of common web architectures and related security risks.
- Working knowledge of large scale networks including architecture and security risks.
- Working knowledge of Windows based operating systems, Linux, Mac Os, and Virtualization.
- Experience writing technical specifications and operational documentation.
Thursday, August 22, 2019