Tuesday, July 17, 2018

IT Security Engineer

Job Title: Mid-level IT Security Engineer
Duration: 6 Months to Hire
Location: Irvine, CA
Start: ASAP
Pay Rate/Hr: $50 - $60/hr; Salary: $90-100k/yr

Job Essential Function 1
Percent of Time: 30%

Perform as technical administrator for a variety of IT Security-related systems including: intrusion detection and prevention systems (IDS/IPS), network firewalls, site-to-site and client VPNs, network connection loggers, security information and event management (SIEM) systems, threat detection and identification (TDI) systems, vulnerability management systems, specialty authentication/authorization systems, multi-factor authentication, SSL certificate management service, email anti-virus/anti-spam/anti-phishing, privileged credential management, sensitive data scanning, advanced endpoint security, and central encryption and key services. Build and deploy new firewalls and VPNs, and help move existing networks behind firewalls. Ensure the uptime, reliability, and effectiveness of IT security systems. Provide after-hours support and on-call availability for critical services. Ensure customer service requests, break-fix incidents, and questions are addressed within the defined SLAs. Create scripts to automate common practices.

Job Essential Function 2
Percent of Time: 30%

As part of the security operations center (SOC), monitor and analyze security events from multiple sources, detect, escalate, triage and resolve security incidents. Analyze the severity and risk classification of an incident and respond appropriately. As part of the incident response team, investigate the cause of and quickly mitigate potential information security breaches on campus. Perform basic forensics of systems involved in an incident and suggest remediation. Monitor news and respond to new and evolving threats reported in the industry and other higher-ed sources.

Job Essential Function 3
Percent of Time: 25%

Work with customers and other IT administrators to plan and implement appropriate IT Security controls and integration with existing IT Security services. Provide direction on appropriate network segmentation based on risk. Research and propose new ideas and evaluate new IT Security solutions in accordance with the information security plan.

Job Essential Function 4
Percent of Time: 15%

Review IT security requirements and communicate standards and best practices to campus affiliates. Communicate reports, alerts, and/or advisories to campus affiliates. Collect metrics to measure and communicate the effectiveness of services. Provide leadership, formal project planning, and communication of projects and services. Develop and maintain appropriate documentation for technical and non-technical audiences. Engage and collaborate with other system-wide groups on UC security initiatives. Continually work to improve processes and procedures.


Three (3) to five (5) years with BA/BS OR one (1) to three (3) years with MA/MS or equivalent combination of education and experience.
Three (3) years of direct IT Security related work experience.
Strong working knowledge of Cisco ASA Firewall/VPN technologies, IOS, and ability to administer the full lifecycle of the devices.
Strong working knowledge of Palo Alto network intrusion detection and prevention systems (IDS/IPS) and firewall/VPN technologies.
Experience with SIEM or other proactive security event log alerting tools.
Experience performing network and web application vulnerability scanning.
Proven skills managing TCP/IP-based networking, and using common network troubleshooting tools and techniques.
Knowledge of various TCP/IP related attacks and common mitigation techniques.
Knowledge of IPv6 and NAT technologies and their security implications.
Strong knowledge of network segmentation best practices using a risk-based approach.
Experience performing basic digital forensics on Unix/Linux and Windows platforms.
Ability to work within Linux, Windows, and Mac environments.
Experience being a member of a security incident response team and working within a SOC.
Practical experience with common encryption and key management technologies.
Comfortable using regular expressions (regex) syntax.
Knowledge and implementation of IT Security fundamentals including the CIS Critical Security Controls (SANS Top 20) and NIST Cybersecurity Framework.
Knowledge of ITIL and ITSM solutions. Experience using common project management, work tracking and reporting tools.
Experience working within formal SDLC and change management processes.
Experience with vendor software implementation, negotiation of contracts, and SOWs.
Excellent problem-solving skills and the ability to rapidly learn and apply new highly technical skills.
Superb written and verbal communication skills and the ability to effectively communicate highly technical topics to a wide range of people.
Demonstrated strong interpersonal skills; consistent history of building strong relationships with technical and non-technical consumers of IT services provided.
Ability to work effectively with external vendors and all levels of technical staff, management, and stakeholders.
Strong collaborator and team player who is customer service oriented, with a proven track record of working across a large distributed enterprise.
Excellent planning, time management and organizational skills, ability to create effective project plans and timelines and present them in a group setting.
Ability to work independently, keeping track of a number of continuing problems, requests, and projects. Ability to work on several tasks concurrently.
Working knowledge of at least one high-level programming language, and skill in the design, writing, testing and debugging of computer programs or shell scripts. Examples: Perl, Python, Ruby, PHP, C, Java.

Strong knowledge of ISO, NIST, FISMA and other risk assessment frameworks.
Familiarity with web development and programming languages i.e. Java, .NET, PHP, XML, Perl and HTML.
Working knowledge of web application firewalls (WAF) such as F5 ASM.
Implementation of SIEM technologies.
Experience working with Argus and Netflow log collection.
Knowledge of email spam/virus/phishing mitigation at an enterprise level, including ClamAV, SpamAssassin, MailScanner.
Windows and/or Active Directory system administration skills.
Unix system administration skills, particularly in the Linux or Solaris environments.
Experience using ServiceNow as both a request tracking and project management tool.
Experience implementing technical security solutions in an AWS cloud environment.
Knowledge and understanding of wireless networking.
Working knowledge of authentication systems, such as RADIUS, LDAP, Duo Security Multi-Factor authentication, MIT Kerberos, etc.
Working knowledge of Microsoft Office and wiki software. Demonstrated experience creating spreadsheets, reports, charts, and presentations supporting project management, technical communications, etc.
Proven skills diagramming computer networks using diagramming software such as Visio.
Knowledge of State and Federal Regulations and Requirements for data security and privacy.
Knowledge of HIPAA, PCI-DSS, FERPA, GLBA, and other information and privacy compliance programs.
Relevant information security certifications (e.g., CISSP) preferred or the ability to gain a certification within 6 months of hire.

Andy Ballantyne
Sr Technical Recruiter
800-732-4680 x709