Sr. Security Engineer

Company: GEOGRAPHIC SOLUTIONS INC
Location: Palm Harbor
Posted on: May 23, 2023

Job Description:

Job Type

Full-time

Description

Job Summary: Assist the Chief Information Security Officer in leading and managing the Information in accordance with organizational policies and goals. The candidate will assist the Chief Information Security Officer and the Information Security Team Lead in processing documentation, facilitation, remediation planning, risk management, and systems implementation coordination to meet the audit, control, and compliance requirements.

The Sr. Security Engineer will be responsible for identifying and reporting all security issues, prioritizing threats, and confirming threats have been mitigated in accordance with company standards. The Sr. Security Engineer will be a resource of experience and best practices to for the Information Security Team.

Requirements

Key skills:

• Proficiency in configuration, optimization, and utilization of information security tools such as McAfee EPO, McAfee ENS, McAfee NSM/ePO, Qualys, HP Fortify, Nessus, Kismet, Airsnort, NMAP, Ethereal, WebInspect, SNORT, Security Onion, and Nikto
• Well-versed in Governance, Risk, and Compliance frameworks and activities such as performing risk assessments, vulnerability assessments, and audits
• Expert understanding of manual techniques to exploit vulnerabilities in the Open Web Application Security Project (OWASP) top 10 including but not limited to cross-site scripting, SQL injections, session hijacking, and buffer overflows to obtain controlled access to target systems
• Attack and Penetration experience in testing of Internet infrastructure and Web-based applications utilizing manual and automated tools
• Proficiency in static and dynamic scanning methodologies
• Expert ability to perform network traffic forensic analysis, utilizing packet capturing software, to isolate malicious network behavior, inappropriate network use or identification of insecure network protocols
• Ability to perform general inspection and implement preventative measures on intrusion detection systems
• Assist in managing multiple competing priorities in a fast-paced SaaS environment
• Assist in managing third-party security services, application vendors, evaluate new vendors and services
• 5+ years hands on experience in one or more of the following Operating Systems: Windows Server 2003/2000/NT, Linux and UNIX
• 5+ years practical experience in TCP/IP Networking
  
  Preferred Skills:
  
  • 5+ years of experience in one or more of the following Database Environments: Microsoft SQL Server, Oracle, Sybase, DB2, and MySQL
  • CISSP, OSCP
  • Knowledge of Industry Standards, e.g., ISO 17799/27001, FISMA/FedRAMP, NIST Publications, and other Industry Related Security Standards
  • Knowledge of Industry Regulations, e.g., Gramm-Leach-Bliley Act (GLBA), Payment Card Industry (PCI) or Corporate Compliance
  • Hands-on working experience with Microsoft SQL Server 2012/2016
  • Strong working knowledge of agile and waterfall software development lifecycle methodologies
  • Experience reviewing or auditing IT general controls, network infrastructure, information security, SDLC, web server, database server, operating systems, and/or software applications to ensure compliance is maintained
  • Experience in the implementation and management of both offensive and defensive security technologies in conjunction with commercial and federal information security compliance initiatives
  • Active participation in Enterprise-level Risk Assessment and Business Impact Analysis
  • Active participation in disaster recovery and business continuity planning and execution
  • Consulting experience in Information Security
  • Hands-on working experience with Windows Server 2012/2019
  • Experience in TCP/IP Networking
  • Knowledge of Industry Standards, e.g., ISO 17799/27001, NIST Publications, and other industry-related security standards
  • Knowledge of Industry Regulations, e.g., Gramm-Leach-Bliley Act (GLBA), Payment Card Industry (PCI) or Corporate Compliance
  • Work with internal and external resources on performing and reporting the annual penetration testing to include complete white-hat testing; Must provide a detailed report and recommendations for improvements and remediation where applicable
  • Work with internal and external stakeholders to assess security requirements, and approve/modify designs as needed
  • Ensure vulnerabilities are mitigated in a timely fashion in accordance with the applicable compliance requirements
  • Support incident responses for all security-related issues 24/7
    
    Special Requirements:
    
    • May also be assigned various projects and tasks as needed
    • Hours: Day shift. Evening and weekend hours may be required
      Equal Opportunity Employer. M/F/D/V

Keywords: GEOGRAPHIC SOLUTIONS INC, Palm Harbor , Sr. Security Engineer, Engineering , Palm Harbor, Florida