IT Security Engineer (On-site)

Job Description :

PLUS BONUS PLAN & FREE FAMILY HEALTHCARE

Position Overview

The primary responsibility of the IT Security Engineer includes implementation of security configuration, certificate management, implementations of firmware; firewall rules, proxy rules; and patching for all end points (workstation, mobile, network, server, cloudapps). This position reports to the Senior Manager – IT Security and in collaboration with other IT team resources, partners with Cyber Security organization to drive the secure configuration(s) of the enterprise.

Essential Duties & Responsibilities

Must have Azure and Active Director

Checkpoint or other Security products

Endpoint detection and response ( EDR ) a cybersecurity solution that monitors endpoint devices to detect, investigate, and mitigate potential threats.

Nice to have – Zscaler, firewall or proxies

Maintain an inventory of service accounts used throughout the desktop computing environment, including the associated software / applications for which they are used.

Maintain an inventory of generic and / or shared user accounts used throughout the organization

Managing System Center Configuration Manager (SCCM) including deployment of IT Security end point agents, desktop patch deployment status, etc.

Ensuring that patches are deployed to all supported workstations, servers, network devices and applications.

Ensuring the secure configuration of all supported workstations, servers, network devices and applications

Managing submission of exceptions related to patch and configurations that cannot be applied

Facilitate change control and management for patching, configuration, software implementation, upgrades and certificate implementation for the enterprise

Responsible for running the cyber security tool suite

Ensure tool effectiveness in terms of making sure it is running according to vendor specification, configuration, and deployment requirements

Ensure package development used to roll end point agents and associated configurations out across the desktop computing environment

Maintaining an inventory of all deployed network devices including; firewalls, routers, switches and other network gear.

Maintain an inventory of all Virtual Local Area Networks and Network Internet Protocol (IP) Addresses, address space and IP assignments, including the development and maintenance of the IP Address Management (IPAM) for the enterprise

Orchestrating deployment of secure configurations and firmware packages for all network devices where security posture is affected

Ensuring that security firmware updates are deployed to all supported network devices

Maintains direction and focus through proactive planning and organized approaches to work

Agrees established goals with team leader, and ultimately achieves these goals

Ability to travel internationally is an essential function of this job

Perform job duties in a safe manner.

Attend work as scheduled on a consistent and regular basis.

Performs other related duties as assigned

Technical Skills

Candidates should demonstrate technical understanding across several of these disciplines :

Firewall technologies including application firewalls, appliances and physical devices

Internet proxies, reverse proxies and related filtering technologies

Systems management software such as SCCM,

Vulnerability scanning technologies such as Rapid7, Qualys, Nessus

Software vulnerabilities testing and remediation (OWASP / SANS CWE)

Container platforms and orchestration with Docker and Kubernetes

Scripting with Python, Power Shell, Bash / KSH, YAML

Infrastructure technologies from VMWare, Linux, Microsoft, HCI, Docker

Virtualization with VMware, Kubernetes

O365, Exchange, Identity and Collaboration platforms

Network topologies, protocols, and standards

Network configuration and administration with Cisco, Azure, Silver Peak, Aruba, Corning

Network access and traffic control with Checkpoint, Zscalar, SDWan, SDLan

Monitoring with ITRS, Big Panda, App Dynamics, Dynatrace

Minimum Qualifications

Proof of authorization to work in the United States

Bachelor's degree required; advanced degree in technology preferred.

5+ years of relevant work experience

Familiar with IT Security concepts, design principles, best practices, standards, and processes

Exceptional analytical, statistical, quantitative, and deduction skills.

Ability to communicate clearly in a multicultural, multinational environment with both technical and non-technical business stakeholders, as well as executive level management.

Ability to represent information in graphical forms including using modeling languages, developing process flows, creating data and topology diagrams, etc.

Knowledge of secure coding best practices and security framework standards : NIST, COBIT, ISO

Experience implementing controls for privacy legislation such as : HIPAA, COPPA, FCRA, GLB or GDPR

Must be able to work varied shifts, including nights, weekends and holidays.

Physical Requirements

Must be able to :

Physically access all areas of the company and drive areas with or without a reasonable accommodation

Maintain composure under pressure and consistently meet deadlines with internal and external customers and contacts

Ability to interact appropriately and effectively with guests, management, other team members, and outside contacts

Ability for prolonged periods of time to walk, stand, stretch, bend and kneel

Work in a fast-paced and busy environment

Work indoors and be exposed to various environmental factors.