Senior Security Operations Engineer

Senior Security Operations Engineer
 
 
The Senior Security Operations Engineer is to follow a coherent and comprehensive suite of information security procedures to address those risks that are deemed unacceptable, and ensure the information security controls continue to meet the organization's needs on an ongoing basis. Stay current with security threats and technologies to ensure that existing technology is properly tuned or if there is a need to procure and implement new technologies to mitigate or reduce risk. Provide second tier support advice and guidance to security operations engineers on implemented technologies. Ensure incident response and disaster recovery procedures are up to date and executable.
Responsibilities
  • Keep implemented security products up to date and tuned for peak performance within the company environment.
  • Ensure compliance with company policies and procedures, payment card industry (PCI) standards, and international organization for standardization (ISO27001) standards; assesses local (LAN) and wide area network (WAN) environments security posture and topology, reviews security relevant documentation, and preparing papers discussing results of analysis to help protect and secure company data, infrastructure, and systems and educate stakeholders on possible threats.
  • Integrate and automate tasks with implemented security technologies using APIs and scripting technologies.
  • Test, recommend and implement new technologies, including working with other business technology teams and groups to assess, implement, and monitor technologies within areas outside security operations.
  • Be SME on implemented security technologies and have good understanding of enterprise business technologies to be able to assist security operations engineers at a second tier level.
Requirements Education and Work Experience Required •Bachelor's Degree in Computer Science or related field, or 10 years of IT experience without a degree. •5+ years of working in an IT field required •3+ years installing and implementing complex technologies. •3+ years of experience with application/network/OS security products. •1+ years working with APIs and workflow integration. •Unix and Windows services experience. •7+ years of Information Security experience preferred. Specific Knowledge and Skills •One of the following certifications preferred - CCNA, MCSE, Cisco Security Specialist or CISSP, or equivalent •Hands on experience in multiple security areas such as: intrusion detection\prevention, enterprise anti-virus, threat management, vulnerability management. Ability to write understandable reports including process or product improvement recommendations, root cause analysis, security summary analysis, and project roadmaps •Unix and Windows services experience; detailed understanding of next generation firewalls and web application firewalls. •A strong understanding of encryption technologies, DLP, multi-factor authentication, email filtering, API integration and scripting. •Strong understanding of encryption technologies, DLP, multi- factor authentication, email filtering, API integration and scripting. •Detail oriented, organized, and deadline driven. •Compliance with ISO and PCI protocols. •Strong written and verbal communication skills •Accuracy and attention to detail •Ability to function well with all levels of organization. •Must be able to effectively handle multiple projects simultaneously in a deadline driven environment. EOE M/F/D/V Females and Minorities Encouraged to Apply
Louisville
KY