Security Engineer

ID: 10653

City: Atlanta

State: Georgia

Posted: July 08, 2019

Security Engineer

Location: Atlanta

The Security Engineer is responsible for implementing security systems in order to detect, prevent, and deter all unauthorized interactions with the companies’ data systems. The Security Engineer serves as the companies’ security expert and will work closely with the IT Department and other teams to ensure data security best practices are observed.

 

Key Responsibilities

 

  • Develop and implement data security policies and procedures designed to protect company data and systems from unauthorized access, duplication, alteration, and/or destruction
  • Create training materials and coach teams on data security best practices; participate in data security-relevant knowledge sharing
  • Regularly test data systems for vulnerabilities and take risk-mitigation measures
  • Keep management informed of data security risks, breaches, and corrective actions
  • Perform maintenance after hours and in change windows and participates in on-call rotation
  • Performs other duties as assigned by manager

 

Requirements

 

Skills, Knowledge, and Experience

  • 5+ years of experience in computer programming or equivalent combination or training and experience
  • 5 years of relevant experience required or an equivalent combination of education and experience sufficient to perform the essential functions of the job, as determined by the company
  • 2+ years of experience in system design in a large-scale data processing environment
  • 2+ years of experience in data security systems including RACF or similar systems or in systems programming
  • Deep experience with key components of a complete security solution including: network asset management, systems hardening, vulnerability management, privileged access management, security information and event management, threat monitoring, endpoint detection and response, and application security management
  • Direct experience with preparing and administering security assessments (audits, penetration testing) and taking corrective action as needed
  • Hands-on experience in deploying and administering security tools and appliances - creating policies, tuning, log analysis, troubleshooting and diagnosing problems. Experience with the following is required/preferred:
    • Security and compliance frameworks/standards like PCI DSS, SOC2, ISO27001
    • Proficient in administration of Windows Server 2008 R2 and above
    • Server / workstation virtualization experience required
    • Endpoint Detection and Response experience required (Cisco AMP, Carbon Black, Tanium)
    • Vulnerability Management experience required (Nessus, Qualys)
    • System automation tools (Puppet, Chef) and DevOps tools experience preferred
    • Microsoft Windows Network Services (DNS, DHCP, Firewall)
    • Network Systems and Device Hardening (CIS Security Baseline Configurations / DISA STIG preferred)
    • Programming and Scripting languages (Python, PowerShell, Linux shell preferred)
    • Systems and security certifications such as: RHCSA/RHCSE, MCSA/MCSE, CISSP, GSEC, CCSP, CEH, Security+, or Network+
  • Excellent decision-making and task prioritization skills
  • Strong project management abilities
  • Excellent attention to detail and commitment to thoroughness
  • Commitment to integrity and protecting company assets
  • Excellent communication skills and ability to document and explain technical details clearly and concisely to a non-technical audience
  • Proven ability to meet deadlines and deliver quality outcomes under pressure

Education

  • Bachelor's degree in Management Information Systems (MIS) or related field
ENG123

* Mandatory fields