Senior Cyber Security Engineer (Woburn, MA) (5298-228) 10/11/2017
At Presidio, we think, architect, implement and support the practical reality of IT every day. We bring together the best minds in the industry to deliver IT excellence and support the answers to our clients' IT challenges. As one of the largest IT-as-a-Service solution providers in the U.S., we combine experience and stability with regional expertise and the unique ability to cover local and global business needs. For more information about Presidio visit our website at www.presidio.com or follow us on Twitter @Presidio.
The Senior Security Engineer will be responsible for administering, operating, designing, and maintaining the security toolsets of the Managed Security Intelligent Security Command Center (ISCC) and presenting findings and operational status to the customer. Candidates must be able to work effectively in a results-driven environment, both independently and as a team member, and to interact well with all levels of management and technical resources. Self-motivation and dedication to objectives are essential. The position participates in an on-call rotation and may be called upon to work off-hours to support customer escalations. The candidate will be expected to interact with customers, peers and management via phone, IM, video, and email to ensure customer issues are resolved per contracted SLAs related to the Managed Security Solutions.
* Administer, operate, and maintain security systems such as SIEM, vulnerability scanners, end point protection, and device monitoring environments
* Architect and design internal and client side security tool installations to support industry best practices
* Develop processes and documentation to magnify the benefits of existing tools
* Perform security gap analysis in support of new products as well as the tuning of existing tools
* Work with internal customer to develop requirements to meet their security objectives related to Log Management, SIEM, vulnerability management, and end point protection
* Create collaborative environment that encourages growth and information sharing including mentoring and educating team members
* Review current reporting and compliance goals, and verify reports to ensure they are meeting these goals
* Prepare and present weekly on-site operational and quarterly security reviews to the client and act as the single point of contact for all security related matters handled by the Presidio Intelligent Security Command Center
* Provide the highest level of support for security engineering environment
* Bachelor's degree or equivalent experience and/or military experience
* Customer service skills and client focus
* Strong communication skills, including the ability to communicate technical information using non-technical language
* Previous experience or aptitude to be successful in an Administration and Operations capacity
* Ensuring that new products and services are supported by the SOC and that newly defined processes and procedures are trained and understood by the team.
* Recent hands on experience with penetration testing.
* Has strong ability to identify risks and translate that information to non-security internal/external teams
* Ability to stay current with latest threat information from vendor partners
* Collaborates with customers to help identify risks and business security requirements for alerting
* Develops and maintains productive business partner and vendor relationships to ensure the convergence of business, technical and security requirements
* Assists business partners with the evaluation and communication of information security issues and development of business processes and technical solutions that reduce risk
* Partners with business leadership to develop budget projections based on short and long term goals and objectives
* Provides support and guidance on legal and regulatory compliance efforts, including internal/external audit.
* Recommends and coordinates the implementation of administrative and technical controls to support and enforce defined security policies
* Supports operational risk management activities with risk evaluation and treatment recommendations
* Supports internal and external business partners through coordination, development, and execution of security related activities
* Supports the development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security
* Researches, evaluates, designs, recommends, and plans the implementation of information security technology and processes, and analyzes its impact on the existing environment
* Provides technical and managerial expertise for the administration of the information security program
* B.S. degree in Computer Science or a minimum of 5 years' experience in the IT development industry or military experience.
* 4+ years of Information Security experience
* 3+ years administrative experience deploying, configuring, troubleshooting, and maintaining SIEM components
* 3+ years engineering experience creating correlation, dashboard, and reporting content using SIEM
* Advanced knowledge of content creation concepts and best practices as well as networking experience
* Excellent problem-solving and technical skills
* Experience with any combination of the following: Syslog, TCP/IP, Networking, Linux/Unix, Windows, OSX, Active Directory, Event Analysis, NIST standards and guidelines, Database Activity Monitoring, MS SQL, Oracle, SAN architecture, firewalls, IPS/IDS, A/V, advanced networking
* Expert-level understanding and knowledge of the principles of log management (McAfee, LogRhythm, QRadar, Splunk, etc)
* Experience planning, scaling, implementing, monitoring, and troubleshooting a SIEM environment
* Knowledge of core security principles and tool management that is product agnostic
* Clear understanding of Windows AD logs, SQL and Oracle events
* Must possess the ability to provide best practices subject matter expertise regarding log management system integration, alerting and reporting.
* High analytical skills: must be able to perform analysis and tuning of all incoming security events for threat detection, and increase the efficiency of processing, maximize true threat identification, and ensure accurate reports for auditing. Has the ability to draw meaningful conclusions from reported events, and implement appropriate reporting.
* Required to understand the business and technical requirements, architecture and design specifications and developing the associated content and documentation.
* A drive for Achievement and Effort, Adaptability/Flexibility, Attention to Detail, Analytical Thinking, Teamwork, Dependability, Initiative, Integrity, Persistence, Stress Tolerance.
* May involve extensive periods of standing, walking, bending, sitting, use of electronic tools and equipment, and lifting small to large boxes and electronic equipment.
Presidio Networked Solutions LLC is an Equal Opportunity/Affirmative Action Employer/ VEVRAA Federal Contractor. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, or any other characteristic protected by applicable federal, state and local statutes, regulations and ordinances.
To read more about employment discrimination protections under federal law, please visit: https://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf
If you have any difficulty using our online system and need an