• Share this Job

Information Security Engineer

Location : Silver Spring, MD
Job Type : Direct
Hours : Full Time
Required Years of Experience : 7
Required Education : Bachelor's Degree Required
Travel : No
Relocation : No

Job Description :

Veritas Partners has an immediate need for a full-time Information Security Engineer to join our team in the greater Silver Spring, MD area.  This position will be a HYBRID role with a reputable financial institution with competitive pay and benefits!


 


The successful Security Engineer will be responsible for monitoring, analyzing, and maintaining our technical security controls in support of our Information Security Program. This role will be focused on maintaining the security of the applications and network which includes creation and timely execution of project plans, tool installations, assisting with upgrades of our technology environments and integrating risk-based threat intelligence into the operational environment. The role also supports the ability to maintain assurance in our technical security controls so that risks to the confidentiality, integrity, and availability of our information systems and infrastructure are sufficiently mitigated which in turn, supports the bank’s operational goals. The role will also perform triage and analysis of security events escalated from the Tier1 and Tier-2 support teams.


 


RESPONSIBILITIES:


·        Maintain an efficient and secure IT infrastructure.


·        Assist in the execution of information security projects with other engineers, vendors and consultants.


·        Review, analyze, and update network security tools and document, troubleshoot, and remediate issues.


 ·        Work with managed service providers, network administrators, and Security Operations to resolve problems, evaluate new solutions, recommend changes, and investigate incidents.


 ·        Analyze reports, identify, and distribute action items or service tickets to support teams or vendors to address workstation, server, or network issues.


 ·        Document and Submit Change Management events in appropriate forms and represent changes to Change Advisory Committee.


 


QUALIFICATIONS:


 ·        Bachelor’s degree in Computer Science or Information Systems, Information Technology or related focused technical training or in lieu 4 additional years of engineering and project management experience.


 ·        7 years’ experience in a combination of information security operations/engineering/administration with emphasis on deploying security products.


 ·        4 years’ experience with designing and implementing information security technologies required


 ·        Familiar with security tools used for Privilege Access Management (PAM), Security Event Incident Management (SIEM), Endpoint Security (EDR), etc.


·        Experience working in Microsoft network security environment with knowledge of Active Directory, Group Policy, etc. Knowledge working in Azure AD environments on Azure and O365 a big plus.


 


Preferred:


 


·        Hands-on experience with AD tools for inventory, analysis and report on Active Directory structure, objects, permissions, etc. Detect and respond to unusual file access and activity which could indicate insider threats or advanced account takeover attacks using user behavior analytics.


·        Experience with malware analysis using sandboxes.


·        Experience with information security on the public cloud (Azure, O365) environment


·        3 years security engineering/administration in the financial sector


 


Required Certifications, Licenses or systems needed :


One or more of the following certifications (or equivalent):


·        SANS GIAC Certifications, such as


 o   GPPA: GIAC Certified Perimeter Protection Analyst o GCIH: GIAC Certified Incident Handler


o  GPEN: GIAC Penetration Tester


·        CASP (CompTIA Advanced Security Practitioner)


·        EC-Council Certified Ethical Hacker (CEH)


 


Preferred Certifications, Licenses or systems:


One or more of the following certifications (or equivalent):


·        SANS GIAC Certifications such as


o   GSAE GIAC Security Audit Essentials


 o   GWAPT GIAC Certified Web Application Penetration Tester o GSE GIAC Security Expert


 ·        EC-Council Certified Security Analyst (ECSA)


·        ISC2 System Security Certified Practitioner (SSCP) or other ISC2 or ISACA certifications


 


 


KNOWLEDGE & SKILLS REQUIRED


Required Knowledge & Skills:


·        Knowledge of TCP/IP networking: networking topology, protocols and services.


·        Excellent knowledge of Privilege Access Management (PAM) Tools, like CyberArk or Thycotic.


·        Knowledge of Active Directory (AD) Audit Tools like Stealthbits, Varonis, Netwrix, etc.


·        Excellent knowledge of SEIM (LogRhythm), NBA (ExtraHop, Stealthwatch) or UEBA tools.


·        Excellent knowledge of Microsoft Operating system. Knowledge of Linux operating system is a plus.


·        Strong Active Directory and Windows Group Policy (GPO) knowledge.


·        Networking technology and protocols, including routers, switches, VPNs, Citrix, email gateways, etc.


·        Microsoft Cloud Experience – Azure Security Center, O365 Security Center, Azure Sentinel, etc.


 
Required Qualifications :
 
Powered by AkkenCloud
www.hireveritas.com