Are you passionate about helping mature existing security infrastructure? Do you thrive in an environment that works on high-visibility projects and interfaces with various other teams? If so, this may be the position for you!
The Systems Security Engineer is responsible for managing technical security solutions to ensure the security and resilience of systems and assets, consistent with related policies, standards, and procedures.
The Systems Security Engineer implements the appropriate technical safeguards to ensure the delivery of critical infrastructure services. To achieve this goal, the Systems Security Engineer tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware, software, and documentation required to effectively manage cybersecurity capabilities utilized to achieve information security architecture goals.
· Configure, implement, administer, operate, and maintain systems security capabilities within scope of responsibility (e.g., configuration manager, file integrity monitor, vulnerability scanner, intrusion detection, data loss prevention, audit logging).
· Coordinate with systems engineers to assist with the management of operational tools with secondary cybersecurity functions (e.g., identity and access management).
· Test and evaluate new cybersecurity applications, rules/signatures, access controls, and configurations of platforms managed by service provider(s).
· Assist with the identification and documentation of asset vulnerabilities.
· Gather threat and vulnerability information from information sharing forums and sources.
· Provide key management for data security (encryption) activities.
· Implement protections against data leaks.
· Use integrity checking mechanisms to verify software, firmware, and information integrity.
· Share effectiveness of protection technologies with appropriate parties.
· Implement tasks under the enterprise vulnerability management plan.
· Provide technical assistance to business/process owners implementing audit log records to meet security objectives.
· Provide technical assistance in configuring information systems to implement the principle of least functionality.
· Protect communications and control networks.
· Aid with the establishment of incident alert thresholds.
· Aid information system owners with the mitigation of vulnerabilities and incidents.
· Identify potential conflicts with implementation of cybersecurity tools within the enterprise information system architecture and information security architecture.
· Assist in identifying, prioritizing, and coordinating the protection of critical infrastructure and key resources.
· Education: Bachelor’s Degree/4 years, or equivalent experience required.
· Required Experience: 3+ years
· Certifications: Microsoft Technology Associate – Security Fundamentals, CompTIA Healthcare IT Technician, SSCP, CompTIA Security+, or equivalent required.
· CSSLP, GSEC, vendor certificate in specific tool, or equivalent required.
Additional Skills Required:
• Intermediate knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Intermediate knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools.
• Intermediate knowledge of authentication systems and integration (e.g., LDAP, SAML).
• Intermediate knowledge of system logging formats (e.g., syslog).
• Intermediate knowledge of host access control mechanisms (e.g., access control list).
• Intermediate knowledge of information assurance (IA) principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data.
• Basic knowledge of incident response and handling methodologies.
• Intermediate skill at configuring systems to least functionality.
• Intermediate skill in applying host access controls.
• Intermediate skill in tuning security sensors.
• Basic skill in using incident handling methodologies.
• Intermediate knowledge of cyber defense policies, procedures, and regulations.
• Basic knowledge of information security architecture principles.
• Intermediate interpersonal communication skill, both written and oral, with the ability to communicate effectively to technical and non-technical audiences.
• Basic technical writing skill.
• Basic skill with MS Office suite of tools and SharePoint.
• Intermediate attention to detail and organization skills.
• Intermediate analysis and critical thinking skills.
• Ability to develop productive working relationships with business and technical groups.
• Ability to effectively prioritize multiple responsibilities.
• Ability to take direction.
• Ability to work as a member of a team.
• Ability to embody the poise, presence, and personal integrity expected of an industry professional.
• Ability to eagerly seize responsibility, ownership, and initiative for assigned tasks.
Additional Skills Preferred:
• Basic knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Basic knowledge of network protocols (e.g., Transmission Control Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]), and directory services (e.g., Domain Name System [DNS]).
• Basic knowledge of how traffic flows across the network (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP]) and how it flows in the Open System Interconnection (OSI) model stack.
• Basic knowledge of packet-level analysis.
• Basic knowledge of risk management processes.
• Basic knowledge of information security regulations.
• Basic knowledge of penetration testing methods (e.g., black-box, white-box).
• Basic knowledge of systems testing and evaluation methods (e.g., unit testing, integration testing, regression testing).
• Basic knowledge of interpreted and compiled computer languages.
• Basic knowledge of fault tolerance.
• Basic knowledge of information theory.
• Basic knowledge of information technology (IT) supply chain security/risk management policies, requirements, and procedures.