Ref ID: 04080-0011889418
Classification: Security Network Engineer
Compensation: $110000.00 to $115000.00 yearly
Develop and execute security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company infrastructure.
Monitor and research attempted or successful efforts to compromise systems security.
Provide regular reports to management regarding existing or potential risks to BBG systems.
Must have a fundamental understanding of security related technologies such as SIEM and SOAR. Must have a familiarity with compliance frameworks such as CIS Top 20 and NIST CSF.
Must have a knowledge of IT infrastructure deployment and distributed network environments. Must have a knowledge of various cloud-computing environments and IaaS.
Must have a knowledge of scripting, preferably with Python.
Proficient with offensive and defensive cybersecurity tools such as Kali Linux, Wireshark, Snort, Splunk, MITRE Att& ck techniques, ThreatConnect, Nessus, Nmap, Burpsuite and Metasploit.
Proficient with Microsoft and Linux operating systems.
Must maintain knowledge of and perform according to Standard Operating Procedures (SOPs) and policies. Must have a thorough understanding and hands‐on experience with Cisco networking and security technologies, including administration of enterprise routers, switches, firewalls.
Must have detail knowledge and experience with network security methodologies such as Port Security, ACLs.
Must have knowledge and experience with network monitoring systems (Solarwinds, Statseeker).
Must have a strong understanding of information security standards, concepts, controls, testing techniques and technical risk assessment.
Must maintain knowledge of and perform according to Standard Operating Procedures (SOPs) and policies.
Review and update documentation for policies, procedures, standards, and guidelines.
Research, evaluate and implement security applications and services.
Research compliance requirements and provide assessments for monitoring compliance.
Research and mitigate emerging threats, APTs and zero-day attacks.
Assist with deployment of application/tools for security monitoring and event investigations.
Track and record IT security incidents and compliance violations.
Identify, analyze, and resolve enterprise security design weaknesses.
Manage, administer, and maintain all enterprise security tool suites and utilities.
Conduct periodic vulnerability assessments and penetration tests on networks, data servers, websites, applications and services.
Take responsibility for and manage ongoing audit compliance projects.
Work with 3rd party vendors for assistance with vulnerability scans and penetration tests.
Assess, plan, and implement remediation recommendations.
Maintains cybersecurity employee awareness program and work closely with users to educate them in all cybersecurity matters.
Requires seven years of progressively increasing responsibility in the areas of information security, risk assessment, cybersecurity, or networking in a large multi-location corporation.
Requires 2 or more years of experience in network administration.
Requires one or more years of leadership experience.
Requires strong incident response background.
Prefer experience with multiple environments and operating systems, devices and databases including Windows Server, Active Directory, VMWare, Azure or AWS.