Information Security Engineer – 14013
Our direct client is one of the top companies that provides cloud computing and platform virtualization software and services. They are currently in urgent need of an experienced Information Security Engineer. This Contract role located in Atlanta, GA.
This individual will be responsible for working effectively with numerous cross-functional stakeholders across the company (Finance, IT, HR, Security, Operations teams, Product Groups, etc.) to engage on all aspects of control and process design, testing, implementation, deployment/execution, monitoring, documentation, and remediation activities as needed. The ideal candidate should be organized and extremely detail oriented with broad knowledge of controls, compliance activities, security tools, and related best practice standards and methodologies.
The Information Security Engineer will serve as a key member of the company’s Federal Information Security Program by supporting ongoing compliance activities, security engineering and monitoring efforts across multiple Federal initiatives, as applicable. The engineer will provide input for design, testing, engineering, and implementation of security solutions in all aspects of Information Assurance and Information Security. This includes being able to assess and mitigate system security threats and risks, validate system security requirements, establish system security designs, implement security designs in hardware, software, data, and procedures, verify compliance with system security requirements, and perform system certification, testing, validation planning, and act as liaison with other departments and business units to supporting ongoing system security operations and maintenance.
Specific Roles and Responsibilities include:
• Ability to design and develop information security architectures that support control implementation within existing architectures
• Capable of independent management of projects from design through implementation and ongoing monitoring.
• Perform Security tool integrations with multiple business units across various Federal initiatives.
• Apply an enterprise-wide set of disciplines for the planning, analysis, design, and construction of Information Assurance solutions based on relevant (and various) information security regulations and standards, including ISO27001 requirements, FedRAMP, PCI, SOX, EU Data Privacy Directives, and Security of Network and Information Security Directives.
• Develop analytical and computational techniques and methodologies for problem solutions
• Perform enterprise wide strategic systems planning, business information planning, business impact analysis on a scheduled or ad-hoc basis to ensure ongoing Information Security activities within the enterprise. This includes performing process and data modeling in support of the planning and analysis efforts using both manual and automated tools.
• Provide technical guidance in software engineering techniques and automated support tools.
• Implement, test, document, and maintain enterprise-wide Information Security solutions
• Establish functional and technical specifications and standards, solve hardware/software problems, define input/output parameters, and ensures interoperability of proposed solution
• Perform analysis at all system levels to include: concept, design, test, installation, operation, and validation.
• Analyze and identify all or part of a business unit’s existing or new peripheral, network, and systems architectures
• Coordinate, facilitate, and maintain ongoing Information Security programs including the remediation of identified vulnerabilities, security alerts, and applicable reporting metrics.
- BA or BS degree in IS or related field required (Information Security, Computer Science, Computer Engineering, or related Engineering) or equivalent.
- Must have a minimum of five to seven years work experience in Information Security including network and system security, and Compliance or Audit experience including working with Industry regulations and standards (ISO27k1, PCI, SOX, FedRAMP, and data privacy directives)
- Must have experience in Security Risk Assessment/analysis support.
- Must have excellent communication and customer interface skills.
- Must have experience working within a large enterprise
- Strong knowledge of Windows, Linux and OSX operating systems and environments including knowledge regarding active directory and group policy, networking architecture design and implementation, virtual environments, and data-center design (Windows Server 2012R2, RedHat and Microsoft SQL a plus)
- Strong experience developing and deploying system architectures within cloud/AWS datacenters including integrated security tool deployments
- Strong information security domain knowledge and experience.
- Expert level knowledge regarding the implementation, deployment, and usage of security tools and programs, including: Intrusion detection/prevention software, such as Redlock, AlienVault, qRadar, Log Rhythm, ArcSight ESM - Vulnerability scanners, such as Qualys, Tenable.io, Nessus, and Nexpose - AD audit tools, such as NetWrix - Web Application scanners, such as Acunetix - Log Aggregation/management tools, such as AWS specific tools (Cloudwatch and Cloudtrail), Elastic, Splunk, and Log Insight - Ticketing systems and integration with the above through ServiceDesk Plus, Service Now and ZenDesk
- CISA, CISSP, PMP, CRISC, Security + and/or other relevant designations
- Experience in large scale compliance or auditing environments
- Systems Engineering, Integration, and Technical Support within environments containing various levels of technical acumen.
- Experience with SOCII and/or audit criteria definition
- Experience performing vulnerability assessments, QA testing, Implementations & Validations.
- Scripting experience in the area of vulnerability testing.
- User account management experience and IAM.
- QA testing experience.
1) What hours/days will this person be working? 8-5
2) What are the top 3 skills/requirements this person should have? Federal Security tool deployment configuration, AWS cloud deployment knowledge, federal compliance/healthcare
3) What are the top 3 soft skills this person should have? Communication (written/verbal), organizational, and prioritization
4) What are other requirements? a) Education level - BA or BS degree in IS or related field required (Information Security, Computer Science, Computer Engineering, or related Engineering) or equivalent. b) Previous experience (industry) - high tech, software, cloud computing on enterprise level, regulated environment
5) What is the environment this person will be working in? Team is 6-7 in Atlanta
6) Does this position offer the ability to work remotely on a regular basis or is it an on-site role? Onsite role, remote occasionally
- Contract Role
- Location: Atlanta, GA
- Onsite interview Preferred
Interested in Applying?
We can’t wait to see your resume! Please apply below with your most current resume and anything else you’d like us to know about you (US work authorization, current location, etc..) Feel free to contact Mehnaz at 408-715-1210 x 102