Security Engineer

Security Engineer

Fry, Inc. is seeking a highly qualified and experienced Security Engineer with strong verbal and written communication skills. This individual should be a leader and a team player.

 

As a Security Engineer you are required to do the following:

?  Define and enforce security policies, processes, and procedures

?  Keep current with new developments in security industry including alerts, bugs, vulnerabilities, and viruses; evaluate and report on their potential technical and/or business impact to the company and our clients

?  Identify, evaluate, and respond to security threats

?  Review network and server logs for suspicious activity during investigations

?  Provide third level support for security issues and incident response

?  Lead incident response investigations; assist legal and corporate security-related investigations

?  Lead complex security projects and implementations

?  Lead corporate and client-sponsored security audits

?  Provide adhoc consulting on network and system security issues

?  Recommend, design/plan, and implement network security improvements

?  Recommend and implement processes for remote and local router, switch, load balancer, firewall, IDS, and server security policies; perform operational audits to ensure processes are followed

?  Recommend and implement processes for patching, configuration management, updating IDS signatures, performing vulnerability assessments, and security monitoring tools; perform operational audits to ensure processes are followed

?  Recommend and implement processes for controlling employee access to information systems and facilities; perform operational audits to ensure processes are followed

?  Educate administrators and users regarding security risks and best practices

?  Provide vulnerability analysis and reports on a periodic basis.

 

Required Skills:

?  Must have experience designing, engineering, and configuring secure network and server solutions

?  Must have experience designing, planning, deploying, and troubleshooting complex, highly-scalable, highly-redundant information systems

?  Expert understanding of TCP/IP and the OSI reference model

?  Expert understanding of cryptography standards, algorithms, and technologies

?  Must have experience with Cisco routers, switches, load balancers, firewalls, and IDS

?  Must have experience with patch, configuration management, IDS, vulnerability assessment, and security monitoring software

?  Strong working knowledge and experience of Internet security, software, and best practices

?  Strong working knowledge and experience with LAN and WAN switching and routing

?  Strong working knowledge and experience with client and site-to-site VPN configurations

?  Strong working knowledge and experience with FTP, SMTP, DNS, HTTP/HTTPS, SSL, SSH, SCP/SFTP, SNMP, Ipsec, ISAKMP, and GRE

?  Strong working knowledge and experience with network and server security hardening

?  Ability to understand requirements and develop solutions, communicating effectively with clients, vendors, and management

?  Strong organizational, documentation, project management, and communications skills

?  Candidate must have a bachelor's degree in computer science or related field

 

Desirable Skills:

?  Certification in GIAC, SSCP/CISSP, and/or CCNA preferred

?  Expert understanding of Sarbanes-Oxley (SOX) Act and Payment Card Industry (PCI) Data Security Standard requirements

?  Understanding of SAS70 requirements is a plus