Senior Security Engineer

Nature of Work:

Perform security architectural design and review, technology deconstruction and reverse engineering. Scan, analyze and remediate information security assets to identify potential security vulnerabilities and threats that place OUC technology at risk of misuse, unauthorized access or disclosure.

Basic Job Duties:

• Test technology security; analyze test results to recommend and assist with mitigation effectiveness
• Manage security planning including estimates, architectures, tasks and risk assessments
• Configure, schedule, and maintain automated vulnerability scanning
• Audit, respond, and remediate third party assessment
• Investigate security issues when necessary
• Maintain incident response support; escalate support for security analysts
• Assist in the maintenance of policies, standards, guidelines and procedures
• Maintain situation and current threat trending awareness
• Manage contract security support personnel during special projects
• Perform other duties as directed by supervisor

Requirements:

•  Bachelor’s degree in Computer Science, Information Technology, Cyber-Security, or related field of study
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH), Cisco Certified Network Associate (CCNA Security) and/ or GIAC Web Application Penetration Tester (GWAPT) must be obtained within one (1) year of hire
• Minimum of six (6) years of experience with penetration testing and vulnerability scanning, security architecture and compliance, and/ or network security engineering
• Security tool subject matter expert; ability to efficiently use penetration testing tools, advanced protection devices, and other security forensic tools
• Comprehensive knowledge in all, but not limited to, the following:
• Web security management
• PSERM/ CC&B
• AutoCAD
• JD EnterpriseOne
• Intrusion Detection System (IDS)/ Intrusion Prevention System (IPS) and web/ email/ malware scanners
• Ability to translate highly technical information to non-IT staff
• Ability to comprehend data samples, security forensic data, and network data flows
• Ability to generate flow charts, architectural diagrams and project plans
• Ability and desire to maintain knowledge of new technology (appliances, devices, etc.)
• Ability to make arithmetic computations using whole numbers, fractions and decimals
• Ability to compute rates, ratios and percentages
• Ability to use Microsoft Office Suite (Word, Excel, Outlook, etc.)
• Ability to use standard office equipment (telephone, copier, computer, etc.)