MUST HAVE- Skills / Prior Experience
1. Bachelor’s degree in Computer Science or relevant field, or equivalent education and related training
2. Five years of experience in Information Security
3. Grounded understanding of applied enterprise information security technologies including, but not limited to, firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering and mainframe security
4. Advanced knowledge of data flow, mainframe/client server systems, problem analysis and systems tuning; adept with
network interfaces and technologies
5. Active directory knowledge - understand how authentication occurs; the subtlies of permission; federation to SSO, ADFS, etc
6. Experience in Infrastructure engineering, especially on the network side and endpoint (server and desktop)
7. Security platforms - candidate must understanding typical perimeter security devices, end point protection, data protection, SIEM, etc.
8. Good verbal and written communication skills
9. Demonstrated proficiency in basic computer applications, such as MS Office software products
10. Ability to travel, occasionally overnight
Nice to Have - Skills / Prior Experience:
- solution architecture experience
- API / services - understanding the CI/CD pipeline
- Cloud broker arxhitectures
- Securing web enabled applications; securing web enabled services
- cryptographic services
- data at rest
- Governance / risk management exposure
Day to Day:
- This individual will be called upon to support a myriad of 2020 initiatives. The initiatives are diverse - some involve strategic projects, some involve tactical initiatives; and from time to time - some will involve helping to create a novel solution for a break/fix situation that has a relation to identity.
- You will be expected to look at proposed solutions or approaches, and evaluate them from an FMEA perspective. Core Engineering is in the teams name - so deep engineering of cross discpline projects related to the identity space.
- Participate in efforts related to designing, planning, enhancing and testing all information security technologies used
- throughout the enterprise, including base-lining current systems, trend analysis and capacity planning, as required for future systems requirements.
- Participate in technical assessment, research and testing of new technologies, as requested, using information security
- design, automation, and scripting best practices and procedures.
- Participate in the analysis of information to determine, recommend and plan the use of new technologies, or modifications to existing equipment and systems that will provide capability for proposed project or work load, efficient operation and effective use of allotted resources.
- Participate in the implementation of new information security technologies or integration of existing technologies, including initial configuration, installation, change management and operational handoff.
- Provide Tier III technical support of information security technologies, providing problem analysis and resolution in a timely manner.
- Participate in all areas of information security technology management, systems development, systems implementation and systems support, as assigned.
- Support training of less experienced personnel.
- Using manual and automated processes, ensure adherence of all responsible information security technologies to
- established design and configuration standards.
- Establish and execute processes to monitor and report on information security technology infrastructure compliance to
- policies, standards and best practices.
- Execute system tuning and make recommendations for improvements.
- Monitor information security systems using enterprise class monitoring systems, proactively identify potential issues and exercise appropriate responses to events ensuring availability of the environment.
- Generate and communicate appropriate reporting to illustrate operational status and stability of the information security technology infrastructure.
- Provide 24x7 on-call availability for supported information security technology infrastructure.
Information Security, firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering and mainframe security, Active directory, perimeter security devices, end point protection, data protection, SIEM