20142 - Security Engineer II
Montgomery, AL
Full Time
Mid Level
20142 – Security Engineer II
Location – Montgomery, AL
PURPOSE
The Security Engineer II participates in all aspects of information systems and network security including intrusion detection, incident response, vulnerability assessment, application security and compliance with the corporate information security policy. They are primarily responsible for implementing, operating and improving security technologies including DLP, Antivirus, IPS/IDS, End Point Protection, Database Activity Monitoring, Web Application Firewall and processes.
ESSENTIAL FUNCTIONS
Security Engineering
JOB REQUIREMENTS
CERTIFICATIONS
CISSP, CISSP-ISSAP, SANS, or other professional certification applicable to security engineering are preferred
Salary Range - $65,950 to $94,300/yr.
Location – Montgomery, AL
PURPOSE
The Security Engineer II participates in all aspects of information systems and network security including intrusion detection, incident response, vulnerability assessment, application security and compliance with the corporate information security policy. They are primarily responsible for implementing, operating and improving security technologies including DLP, Antivirus, IPS/IDS, End Point Protection, Database Activity Monitoring, Web Application Firewall and processes.
ESSENTIAL FUNCTIONS
Security Engineering
- Design, build, test and deploy new security technologies, which include the development of the operational manual and run books
- Provide technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement
- Investigates, recommends, evaluates, deploys and integrates operational security tools and techniques to improve our ability to protect corporate assets and infrastructure
- Participate in technical risk assessments and security exposure analyses of systems, networks and business applications
- Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost effectiveness
- Oversees the installation, configuration and supportive processes of security technologies
- Participate in or lead the Incident Response activities
- Interacts with internal and external clients on security operations requirements, identifies security process and develops strategies/solutions to security issues
- Keeps fully abreast of trends and changing technologies as they relate to IT and Network Engineering and Information Security fields
- Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders
- Monitor and manage our networks and infrastructure environment for attacks, malicious software and possible intrusions, which includes the follow up of complete remediation of infected systems
- Required to be on-call (after hours) per the established rotational schedule
- Implement changes to our security technologies / infrastructure in accordance with standard and change control policies / procedures
- Evaluate, implement, tune and operate Security Solutions such as IPS, Vulnerability scanning tools, encryption capabilities, etc.
- Monitor and recommend improvements of security technologies and their various reports
- Risk Management / Security Audit/Assessment Support / Ad-hoc support
- Support security audit / assessment related activities and compliance reviews
- Perform other tasks, duties and projects as assigned
- Provide Ad-hoc support as required
JOB REQUIREMENTS
- Bachelor's Degree in Computer Science, Information Systems or related field, or equivalent experience
- 5+ years of IT relevant experience or equivalent combination of experience plus at least 2 years of experience performing Security Engineering / Planning / Operations.
- Experience in medium to complex computing environments, with advanced knowledge in security technologies and services## Hands-on experience with at least two or more of the following Enterprise Security Technologies:
- Network Intrusion Prevention / Detection
- Virtual Private Networks; SSL, IPSec and Site-to-Site
- Enterprise Class Stateful Inspection Firewalls
- Network Access Controls in context to Identity management
- Windows Server OS & Desktop OS
- Network Packet Inspection
- Directory Services including LDAP, AD and Secure Authentication Technologies
- Experience in implementing Information Security technologies and/or processes required.
- Experience in defining Information Security strategies and frameworks
- Experience integrating security technologies into corporate operations frameworks.
- Ability to communicate effectively with client staff at all levels, from technical to executive
- Multi-task oriented in a team environment
- Demonstrated ability to pay close attention to detail
- Knowledge of Information Security risk assessment methodologies and standards
- Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers
- Ability to work independently, undertaking and completing project tasks on schedule with minimal supervision
- Knowledge of Manufacturing Execution Systems
CERTIFICATIONS
CISSP, CISSP-ISSAP, SANS, or other professional certification applicable to security engineering are preferred
Salary Range - $65,950 to $94,300/yr.
Apply for this position
Required*