Security Engineer

We have a Permanent position for "Security Engineer" with one of our direct clients in Atlanta, Georgia. No third-party candidates considered for this position. US citizens and all those authorized to work in the US are encouraged to apply.Please Contact at (678) 381-1126Local Candidates are Preferred. Video Interview is mandatory.

• Contribute to the development and maintenance of policies, procedures, standards, and guidelines (PPS&G) that support the Client cybersecurity program in an advisory capacity.
• Coordinate with Privacy and Compliance to ensure enterprise-wide alignment of PPS&G.
• Advise middle management and compliance on risk levels, security posture, and cost/benefit analysis of security programs.

• Provide technical design of solutions not deployed by third-party vendors
• Provide hands-on technical support of security products where MSSP is not applicable
• Perform system maintenance on the SIEM system hosted in the Client’s network
• Perform HITRUST-required changes to the Client’s environment as instructed by ISM
• Monitor and review logs generated by all Clients systems to hunt for malicious patterns
• Perform occasional audits of the Client’s environment based on a guide developed by ISM
• Act as an escalation point for Security Analyst

• Work with ISM to perform incident response outside of the responsibility of MSSP
• Unexpected System Downtime
• Infection of system
• Loss of confidential data
• Loss of Clients-owned equipment
• Support development and maintenance of program documentation, including policies, plans, and procedures for incident response.
• Coordinate with security service providers to support timely response for confirmed security events detected internally and externally.

• Serve as the technical contact for third-party security service providers (Managed Security Services Provider).
• Carry out remediation described by risk assessments at the discretion of the ISM
• Provide findings and recommendations to ensure procurement stakeholders understand the security risk associated with planned acquisitions.

• Coordinate with IT to ensure timely execution of enterprise patching.
• Facilitate vulnerability assessment using approved security tools to support vulnerability management, change management, and solution development.
• Manage assessment and reporting for Microsoft 365 Security Assessments.

• 2-3 years experience
• Security+ or equivalent certifications including:
• CySA+
• GCIA
• GCIH
• GICSP
• PenTest+
• Azure Security Certification Suite
• CISSP

• Strong knowledge of best practices for data encryption, protection, and firewalls in order to protect sensitive data
• Security appliance configuration deployment and monitoring
• Knowledge, skills, and abilities to execute tasks for troubleshooting enterprise security systems
• Knowledge of networking ports and protocols to identify odd/malicious traffic in logs
• Knowledge of current and emerging industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities
• Monitor the health of information systems on a daily basis and enhancement of Client Security measures following any potential or confirmed attack including written detailed reports about such attacks
• Knowledge of business continuity and disaster recovery continuity of operations plans
• Knowledge of data backup and recovery in conjunction with the Infrastructure and Operational leadership team including Managed Services Providers
• Knowledge of PCI and PHI data security standards (heavily focused on HITRUST requirements)
• Ability to advise middle management on findings derived from internal audits
• Ability to multi-task, prioritize
• Technical aptitude
• Excellent written and oral communication
• Strong attention to detail
• Excellent time management and organization skills
• Resourcefulness and willing to find solutions
• Motivated to be a team player