
SANS ISC: InfoSec Jobs

Security Engineer II
Company: InComm
Location: Any/Remote
Preferred GIAC Certifications: GSEC, GCIH, GMON, or GCED
Travel: 0%
Salary: Not provided
URL: https://careers-incomm.icims.com/jobs/11892/security-engineer-ii/job
Contact Name: Matthew Frick
Contact Email: mfrick/at/incomm.com
Expires: 2021-06-17

Job Description

Position Overview
Job Title: Security Engineer II
The Security Engineer II will be responsible for developing and improving security engineering and operations capabilities across InComm business units. This position must be well-versed in the current technical security landscape across application, system, and network layers, diligent in adhering to knowledge management practices, and intellectually curious to develop new skills with evolving technologies. A diverse background adds value, since a variety of organizational sizes, technology stacks, and processes will be encountered across various business units and within the centralized security program of the InComm parent company.

Responsibilities:
• Implement and tune log management technologies and SIEM alert logic.
• Monitor security telemetry from application, system, and network log feeds.
• Assist in migrating from current firewalls to a standard NGFW platform.
• Perform system hardening for new builds to include agent deployments and assessment of vulnerability and configuration state.
• Review and advise on identified security gaps or concerns pertaining to new infrastructure or application build-out.
• Gather evidence, perform remediation, and support audit efforts.
• Create and maintain documentation of security procedures.
• Contribute to development and maintenance of Information Security Policies, Standards and Guidelines.
• Think with a security mindset while successfully analyzing business risk and remediation effort, to prioritize efforts and projects and not impact productivity.
• Partner with other leaders and business project sponsors to build consensus on project requirements, expected timelines, and service delivery goals as well as report on status and key project risks.
• Communicate highly technical content to various audiences ranging from client engineers to executive management, including mixed audiences.

Qualifications:
• Hands-on experience deploying and optimizing defensive security technologies at the system, application, and network layers.
• Experience troubleshooting security technologies to identify root cause in failure conditions.
• Intellectual curiosity for new technical security topics and systems thinking for reasoning about value across adjacent technologies and processes.
• Experience performing risk assessments, making relative comparisons of risk severity, and influencing prioritization decisions for information security initiatives.
• Knowledge of kill chain attack methodology.
• Knowledge of cryptographic techniques, protocols, ciphers, and key management concepts.
• Ability to automate simple and/or repetitive tasks with code.
• Knowledge of Kubernetes, cloud native architecture, and related security principles.
• Experience reviewing indicators of compromise against observables generated from security tools.
• Knowledge of the MITRE ATT&CK framework.
• Experience performing security architecture review and evaluating trade-offs in design and deployment decisions.
• Experience handling incidents and forensic data collection.
• Experience consuming and/or producing deliverables such as gap analyses, RACI charts, data flow diagrams, process flow diagrams, and/or maturity scorecards.
• Strong analytical skills.
• Ability to communicate security and data governance related concepts to a broad range of technical and non-technical staff both verbally and in writing.
• Ability to manage multiple tasks simultaneously and meet established deadlines.
• Ability to collaborate with all IT teams on security-related incidents, tasks and projects.
• Ability to work productively while remote and communicate effectively in a virtual team environment.
• 5+ years of IT experience.
• 2+ years of Information Security experience.

Education & Certifications
• A Bachelor’s degree in Information Security, Computer Science, Information Systems, or another related field is preferred, but not required.
• A certification such as CISSP, CySA+, CEH, GSEC, GCIH, GMON, or GCED is preferred, but not required. Career development plan to include certifications upon hire.

Feel free to reach out to the hiring manager, Matthew Frick, mfrick@incomm.com.

InComm provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin, citizenship, veteran’s status, age, disability status, genetics or any other category protected by federal, state, or local law.