IT - Information Security Engineer

Idealforce LLC
Phoenix, AZ
25 Nov 2024

Vacancy expired!

IDEALFORCE has a

Contract position available immediately for

IT - Information Security Engineer to join our customer in

Phoenix Arizona. This is an ONSITE position. Please find below additional details about this job. Kindly respond with your most up to date resume if you would like to pursue this opportunity.

Job SummaryThe Security Engineer is responsible for ensuring the security of information across the enterprise.This role will interact closely with customers both internal and external, software developers, I.T.administrators and technicians, compliance officers, and other key stakeholders in order to buildinformation security strategies and programs, develop and implement enterprise-level informationsecurity policies and standards, lead information security awareness activities, and identify andremediate information security issues.The Security Engineer will serve as the primary information security interface and subject matter expertto all of the agency's functional groups and project teams, as well as providing leadership andmentorship to the rest of the Information Security team.This role will work to improve the ability of the organization to protect the confidentiality, availability,and integrity of the agency's information assets.The Security Engineer operates under administrative supervision and reports to the Chief InformationOfficer.This position is expected to respond after-hours on short notice in the event of a security incidentnecessitating their involvement.

MINIMUM QUALIFICATIONS & REQUIREMENTSBachelor's Degree in Information Security, Computer Engineering, Information Systems, ComputerScience or a closely related field and five (5) years in the information security area OR an equivalentcombination of education and/or experience sufficient to successfully perform the essential duties.

Required Qualifications:5+ years of experience in information system security rolesAct as a primary point of contact for all issues related to Information Security operations.• Serves as the Subject Matter Expert (SME) for security tools, trends, methodologies, and best practicesfor securing platforms and operating systems at the network, server, and endpoint level.The ability to communicate security processes and principles to stakeholders both inside and outside ofthe IT organization.Strong time management and organizational skills The commercial acumen to provide the organizationwith cost-effective security solutionsAn enthusiasm for staying up-to-date with the very latest updates about security threats and solutions.Background Investigation:Employment is contingent upon the results of a comprehensive background investigation including workexperience verification, criminal background check, and a personal credit history review.

Licenses and Certifications:Valid Arizona driver's license• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager(CISM), Certified Information Systems Auditor (CISA), GIAC Security Essentials Certification (GSEC) orequivalent certifications are preferred.

EXAMPLES OF DUTIES / KNOWLEDGE & SKILLSThe statements listed below describe the general nature and level of work only. They are not anexhaustive list of all required responsibilities, duties, and skills. Other duties may be added, or thisdescription amended at any time.Security Operations - Participate in, and provide guidance for the security monitoring and incidentresponse processes listed: Event correlation and detection, Endpoint Detection and Response (AV),Threat Detection and Response, Customizing Security Orchestration tools, overseeing security incidents,performing forensic investigation (as needed), and facilitating incident response communicationbetweenstakeholders.Security Administration – Provide administrative support for the following types of security systems andtechnologies: Vulnerability Scans, Security Awareness and Phishing, Centralized Log Management,Infrastructure Systems Hardening, Role-Based Access Controls.Security Engineering – Determine business requirements and provide secure solutions within thefollowing types of areas: Cloud Security, Secure SDLC / AppSec, Network Security, ConfigurationManagement, Security Architecture and Strategy.Offensive Security – Able to understand and demonstrate how security controls are positioned toprotectthe business using the following processes: External Network Service Validation, Domain RecordEnumeration, Web Application Crawling and Exploitation, Authentication.Risk Management – Able to assess and track the following types of technology risks: RegulatoryRequirements, Security Best-Practices Recommendations, Business Continuity and Business ImpactAssessments.Security Program Governance – Provide program oversight and development within the followingprocesses: Security Policy Reviews, Organizational Security Framework Self-Assessments, Reportingand Metrics, Prioritizing Initiatives, Coaching and Training.Security Tools and Technologies – Have experience building, operating, and improving the followingtypes of Security Tools and Technologies: ElasticSearch, Cisco SecureX, CiscoAmp, MIPSThreatSharing, ISAC Alerts, ThreatConnect, Nessus, KnowBe4, Demisto, Thycotic, Deepcode, .NetAnalyzer, WinCollect Analyzer, AppScan, ZAP, Wireshark, NMAP, Kali Linux.IT Systems and Technologies – Have experience supporting and providing secure solutions for thefollowing types of IT systems and technologies: Windows Workstations, Windows Server, RHEL,CentOS, Ubuntu, Active Directory GPO, Active Directory users and groups, WSUS, Azure, AWS,IPS/IDS, Domain Architecture (A, MX Records), Email Controls (SPF/DKIM/DMARC), IIS, Drupal, CiscoASA, Cisco Nexus, Cisco ACL Policies, VMWare ESXi.IT Service Processes and Solutions – Have experienceusing the following IT service management principles and technology: Asana, Kase, ManageEngine, ITILv4 (Incident, Problem, Change, ServiceRequests, Project, Service Improvement), CAB, Architecture Review, Project Management, Securityawareness and training programs, Audit Support (both compliance and regulatory), OperationallyCriticalThreat, Asset, and Vulnerability Asset (OCTAVE) threat assessment framework (specifically theOCTAVE Allegro methodology), Operational Run/Process Documentation.

PHYSICAL DEMANDS / WORK ENVIRONMENTPhysical Demands:Positions in this class typically require: climbing, balancing, stooping, kneeling, crouching, crawling,reaching, standing, walking, driving, lifting, fingering, grasping, feeling, talking, and hearing.Medium Work; Ability to occasionally lift up to 50 pounds with the assistance of applicable equipmentorother employees, and up 20 pounds of force frequently, and/or up to 10 pounds of force constantly tomove objects.Work Environment:Physical ability to perform office and related work, including operating computers and office equipment;stamina to sit for extended periods of time; Incumbents may be subjected to moving mechanical partsand electrical currents; Limited local travel will also be required to support customers in remote businessunits; May respond to system emergencies and system failures on a 24/7 basis.

Additional Information :- "All your information will be kept confidential according to EEO guidelines".- All candidates who are authorized to work in US are encouraged to apply.- Candidates must clear the Background check prior to commencing the assignment.

SOURCER ASSIGNED: Email your candidate/s resume to jb dot resumes at idealforce.com along with the following details: Rate, Current location and Availability.

Disclaimer : The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.
  • ID: #23471253
  • State: Arizona Phoenix 86301 Phoenix USA
  • City: Phoenix
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2021-11-25
  • Deadline: 2022-01-22
  • Category: Et cetera