Tuesday, March 6, 2018

Security Engineer

Position: Security Engineer
Location : San Francisco, CA
Type Of Hire : Contract
Duration :  12+ Months

Required: GC/USC/EAD

Job Description
  • The Security Engineer coordinates security responses with and trains engineers from other groups within the IT Function such as the MIS team, the NOCC, Network Engineering and the Production Support organization.
  • This role requires availability for off-hour support and travel within the continental Unites States as needed.

Job Responsibilities:
 The primary responsibility of the Security Engineer is information security incident management. This includes:
 Responds to information security incidents in a quick, effective and orderly manner
 Monitors systems, alerts and vulnerabilities
 Collects evidence for administrative follow-up or legal action
 Conducts postmortems, enhancing controls and training others
 Analyzes security incidents and reports finding to management
 Documents and maintains the following types of procedures:
 Recovery procedures that address specific classes of security incidents such as malicious code, denial of service attacks, breaches of confidentiality and internal misuse of information systems
 Contingency plans for system recovery that identify the cause of an incident, detail how to contain the threat and identify corrective action for preserving live systems data
 Guidance on how to collect forensic evidence for civil or criminal proceedings
 Emergency actions and control procedures that will reduce the likelihood of recurrence

 Familiarity with Unix/Linux, Windows Active Directory, OWASP, Network protocols and how to secure them.
 Familiarity with Net screen, Palo Alto, Checkpoint or other Firewall technologies, various IDS/IPS and SEIM systems. Experience implementing information security controls
 Knowledge of other Security systems such as DLP, Application scanning, or Vulnerability assessment.
 Demonstrated flexibility in approach and in developing solutions
 Demonstrated ability to work independently as well as a member of a team
 Demonstrated analytical skill, technical knowledge and practical application of information security at a business aware and technical level
 Ability to explain complex IT concepts in non-technical terms
 Demonstrated flexibility in approach and in developing solutions
 Experience in the Financial Services industry and solid understating of SOX, PCI and SDP compliance requirement
 Take charge personality, and the ability to drive a plan to completion
 CISSP certification is highly desirable. Other industry standard certifications such as MCSE, CCSE, CCNA, CEH, Security+ or SANS also desirable.

Experience / Education:
 Bachelor's degree (B.S.) in Computer Science or equivalent job experience
 Minimum 3 years security experience in implementing security solutions and processes
 Minimum 5 years’ experience of implementation and maintenance some of the following IT systems, with a security focus; Windows 2008, 2012 server, Remote Access solutions, SSL/IPSEC VPN services, border routers security, firewalls, IP/VoIP network, DNS, WINS, IP network, TCP/IP, SSL certificates and Intrusion Detection System (IDS), IDS Alerts, and IDS signature upgrades, local and wide area networks

Physical Demands and Work Environment:
Representative of those that must be met by an employee to successfully perform the essential functions of this job. Must be able to operate a PC and sit for extended periods of time. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Ankur Bhatnagar
Senior IT Recruiter
Nora Logic Inc.