Security Operations Engineer

Number of Positions: 1
Location: US-Home Office/Remote; US-GA-Atlanta
Category: Information Technology - All Openings
Travel Requirements: 0-20%

Overview

Job Summary:

The Security Operations Engineer will be responsible for analyzing, monitoring, tracking and reporting behavior/tasks logged by assets (i.e., applications, systems, networks) in the form of incidents to ensure NASCO is protected from any potential leaks or malicious activities. He/she will routinely analyze correlated event logs to help distinguish normal from malicious activity in the network/domain. He/she is responsible for proactively monitoring cyber security and information technology infrastructure, including hardware, software, networks, applications and services. This position will communicate with Information Technology, Application Development, Managed Security Services and other appropriate areas, as deemed necessary.

Responsibilities

Essential Roles and Responsibilities:

  • Performs vulnerability scanning for network devices, applications and databases in order to determine if these assets have any vulnerabilities to potential internal or external threats. 20%
  • Analyzes and assesses security incidents that occur to NASCO assets and escalates incidents by following the incident plan. 15%
  • Creates, develops, and maintains standard practices and procedures to respond appropriately to internal and external threats.  10%
  • Assesses potential risks and vulnerabilities in the network by establishing the status quo for the networks and recognizing any deviations in order to provide actionable recommendations in the event of malicious activity. 10%
  • Performs risk and security assessments of applications, databases, and servers and supports networking technologies, such as routers, switches, access points, in order to determine if these assets have any vulnerabilities to potential internal or external threats.  10%
  • Works with IBM and the internal Infrastructure team to solve information security system problems and issues in a timely and accurate manner to prevent malware from coming into the environment. 5%
  • Follows Information Security processes, policies and procedures congruent with standards and industry best practices. 5%
  • Monitors activities and events in NASCO’s Technology environment to ensure that anomalous behavior is detected, identified, classified and acted upon where appropriate. 5%
  • Performs application scanning to ensure that code releases are secure. 5%
  • Executes penetration testing on network and applications using ethical hacking techniques in order to determine network and application vulnerability. 5%
  • Develops and executes corrective action plans and remediation plans when issues are identified in order to mitigate the risk of exploitation. 5%
  • Performs reviews and assessments of security controls before hardware/software is migrated to production and performs application scanning to ensure that code releases are secure. 5%
  • Performs other duties as assigned.

Qualifications

Required Job Qualifications:

Knowledge:

  • Expert knowledge of Unix, AIX or Linux platforms
  • Expert knowledge of Cisco-based firewalls and intrusion detection systems
  • Knowledge of Mainframe technologies
  • Knowledge of Windows 200X server platforms.
  • Knowledge of VMware and VM server platforms
  • Knowledgeable about security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact information security
  • Solid working knowledge and understanding of multiple operating systems and commands, as well as an understanding of IT security and network best practices and software/hardware solutions
  • Knowledge of business, application, information and enterprise architecture responsibilities, principles and standards.
  • Knowledge of Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
  • Knowledge of database structures and queries.
  • Maintains a broad knowledge of current and emerging network security threats

Skills:

  • Strong time/project management skills with the ability to operate under deadlines and manage fluctuating workloads

Abilities/Success Factors:

  • Ability to communicate security objectives orally and in writing to a variety of audiences.
  • Ability to write security requirements and design documents
  • Ability to analyze complex problems and recommend/negotiate solutions
  • Ability to read system data, including, but not limited to, security and network event logs, web, anti-virus, DLP, syslogs, IPS, and firewall logs.

Experience:

  • Minimum of 3 years' experience in a security operations center and/or system administration role
  • Minimum of 5 years' experience as a System Administrator (Unix/Windows) and Network Administrator
  • Experience troubleshooting common network devices, network vulnerabilities and network attack patterns
  • Experience analyzing IIS, SQL, firewall, IPS/IDS, Windows, SEP, Web, and mail filtering logged events.
  • Hands-on experience managing an array of security tools (e.g. Web Content Filtering, Malware, Firewalls, Intrusion Protection, etc.)

 

Required Training and Education:

  • Bachelor's degree in Computer Science, Information Systems, Network Security Engineering or related major or equivalent work experience.

Desired Training and Education:

  • Current SANS certification holder (technical tracks) strongly preferred
  • CISSP desired; CCNA and MCSE certifications are preferred

NASCO is a Minority/Female/Disability/Vet/Affirmative Action Employer.