Security Engineer

About PCMPCM is one of the fastest-growing value added direct marketers of technology solutions for business, government and educational institutions as well as consumers. We ve built an environment that is fast-paced, growing and continually changing with the needs of industry. Our rapid growth and expansion has created numerous career and advancement opportunities. Providing IT solutions nationally since 1987, PCM, Inc. is an industry recognized, publicly traded, value-added direct marketer of technology products, services and solutions to businesses, government, education, and individual consumers. Fully accredited and authorized by major manufacturers including HP, Apple, Cisco, Microsoft, Dell, and 1500 others, PCM offers product and service solutions through field sales, call center, and eCommerce venues. With annual sales of $1.5B+ , 3000 employees and over 400,000 products available, PCM delights in serving small, medium and enterprise level businesses. PCM is an exciting and rewarding place to work. OverviewThe Senior Network Security Engineer serves as a technical lead for the IT Security Team and is responsible for the operation, maintenance, monitoring and implementation of IT security technologies, processes and procedures. This job role will be well versed in understanding the information technology landscape including security, infrastructure, network, client, server, emerging technology standards and trends.The Senior Network Security Engineer will manage and monitor outsourced security functions; will apply expertise in information security and protection systems to eliminate or reduce unauthorized access, disclosure or destruction of data and assists with investigation of technology security breaches; identifies security issues; performs and participates in risk assessments; assists in the identification, development and implementation of security solutions; recommends secure solutions utilizing standard best practice security principles; assists in designing, implementing and measure required compliance controls; contributes to the overall security posture of the organization. Responsibilitieskvkv Lead the design, review, and implementation of strategic and tactical security initiatives.Identify significant actual and potential cyber security problems, trends, and weaknesses and recommends specific modifications and solutions to reduce information systems security risks.Provide architectural design and coordinate the implementation of security solutions to integrate into existing network environment.Establish requirements and make recommendations on the appropriate infrastructure protection tools, methods, and technologies.Develop strategies for responding to future security challenges. Demonstrate effectiveness of the program for implementation on an organization-wide basis.Review, create and update security policies, procedures and standards, and present them to management for endorsement.Establish technical or procedural enforcements for pertinent policies within the organization. Facilitate organizational-wide communications and institute measures to ensure information security awareness and compliance.Review new and existing systems, networks, and software designs for potential security risks, and resolve integration security issues across disciplines. Define the scope and level of detail for applicable security plans and policies.Implement and interpret the requirements of ISO/IEC, PCI, SOX, and HIPAA policies, mandates and standards.Develop the project plan for the implementation, identify major milestones and activities, and coordinate development and implementation.Develop plan and methodology for testing and measuring IT compliancy.Act as a key member of the Incident Response Team, who may be called upon to represent in the investigation of serious cyber security violations that potentially impact the integrity of Jackson Hewitt's infrastructure. Recommend action for containment and remediation based on findings, and following up to ensure the implementation of corrective actions.Proactively monitor security infrastructure and tools to insure reliability and integrity of systems and applications.Develop and implement operational response procedures to maximize visibility, maintain stability and prioritize criticality of identified issues.Investigate and respond rapidly to identify security incidents.Acquire, analyze, and interpret forensic images, packet captures and logs to accomplish rapid and accurate incident response.Recommend and implement tools, standards and procedures to facilitate future investigations.Educate IT team members in security best practices.Collaborate with IT Teams to incorporate security best practices into daily workflows and procedures.Assist with development and implementation of Security Awareness Training for entire organization. Qualificationsnj Bachelor s degree with a concentration in Computer Science or Business Administration or equivalent work experience required.Five (5) + years experience (7+ years in lieu of degree) in firewalls, routers, proxies, load balancers, and UNIX-based systems.Excellent oral and written communication skills and interpersonal skills.Proficient in protocols such as TCP/IP, HTTP/HTTPS, SSH, SSL, BGP, DNS, SNMP, and VRRP.Proficient in firewalls, routers, proxies, load balancers, and UNIX-based systems.Proficient at securing systems (e.g. common operating systems, network equipment). Proficient in security concepts such as identity management, least privilege, defense in depth and separation of dutiesProficient in security technologies such as IPS, VPNs, D/DoS and vulnerability management.Working knowledge of common web architectures and related security risks.Working knowledge of large scale networks including architecture and security risks.Working knowledge of Windows based operating systems.Working knowledge of scripting languages (Python or Perl preferred).Familiarity with incident response and forensic investigation.Experience writing technical specifications and operational documentation.A strong desire to learn while being able to complete tasks in a high-pressure environment. Why work for PCM? PCM Offers: We offer an environment for career-driven individuals seeking to make a solid contribution to our company objectives and their own career enhancement. If you want to work in a challenging, performance-based environment and be rewarded for your efforts, then PCM is the place to build your career. PCM offers a competitive base salary, bonus, 401K with a company match and medical/dental benefits as well as an Employee Purchase Plan, company sponsored discount programs and paid time off. PCM is more than an IT provider: we are a trusted technology partner for thousands of businesses across the country specializing in cloud, data center, mobility, networking, security, and software solutions.PCM: The right technology, delivered! We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.