Sr. IT Security Engineer

» Sr. IT Security Engineer
Information Technology
in Tampa
, FL
Reference: 19-02252

Essential Functions:

  • Evaluate, design, develop, implement and/or integrates security solutions
  • As a subject matter expert, build, consult, validate, and verify system and application security designs
  • Lead, perform or review security incident investigations
  • Design, implement, test security controls and manage the associated remediation if needed
  • Assist in formulating security architecture recommendations and design security services
  • Perform project leadership tasks on select security projects including development of requirements, evaluation of competing products, selection and implementation of products
  • Consult, validate and verify system and application security designs
  • Evaluate, implement and/or integrate security solutions
  • Assist in developing responses to internal and external audits, penetration tests and vulnerability assessments
  • Recommend and coordinate the application of fixes, patches, and recovery procedures in the event of a security breach
  • Research emerging technologies in support of security enhancement and development¬† efforts
  • Conduct risk assessments, penetration tests and diagnose Internet/extranet security, intrusion attempts, and cyber-crime response
  • Validate and verify system and application security requirement definitions and analysis

Minimum Qualifications:

  • A Bachelor’s degree in Information Security/Computer Science required or equivalent work experience required
  • Preferred 8+ years of experience in information security program development and execution required
  • A history of working in collaborative, team-oriented environments with a commitment to results and a proven track record of accomplishments
  • Other significant experience doing internal and external penetration testing i.e. white hat hacking
  • Information security auditing experience
  • Other solid experience with application security practices
  • GIAC Penetration Tester (GPEN) GIAC Certified Incident Handler (GCEH) or equivalent required
  • Strong Knowledge of Security Frameworks (ISO 27002, NIST 800-53, COBIT, HITRUST)
  • Knowledge of security regulations and standards (HIPAA, HITECH, SOX, PCI etc.)
  • Hands-on experience with firewalls, DLP, vulnerability assessment tools (infrastructure and application) IDS/IPS, SIEM, 2 factor authentication, static and dynamic code analysis tools etc.
  • Strong knowledge of common operating systems (Windows, UNIX) and authentication (Active Directory, Centrify)
  • Proficient with Microsoft Word, Excel, SharePoint, PowerPoint, Access and Project
  • Must be able to perform hands-on support for a wide range of security¬† technologies including, but not limited to mSEIM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners,¬† eDiscovery and forensics software, and security incident response etc.
  • Strong understanding of and familiarity with application and network security