2018-05-15 2018-06-12

Senior Security Tools Support Engineer

Minneapolis, MN 55401
Job Code: 620984



Overview


-Secondary contact for the initial intake and triage of information security events, break-fix incidents for security systems, and requests related to security systems; determines the nature and scope of the event/incident, and classifies the severity and priority of the incident.


-Investigates and resolves break-fix incidents requiring remediation, sometimes driving resolution with vendor support and/or driving deeper resolution against root cause(s). A primary SOC resource with responsibility to coordinate security incident event correlation and assist with all phases of the information security response lifecycle.


-Analyzes security systems log files; reviews and keeps track of triggered events; researches current and potential cyber threats; reconciles correlated information security events, develops and modifies new and current information security correlation rule sets and operates SOC equipment and technology.


In addition, responsible for monitoring and responding to security information events across multiple locations throughout the United States during established business hours.


Responsibilities


-Responds to and resolves break-fix incidents for security systems.


-Provides guidance and oversight to processes executed by junior members of the team.


-May assist in Enterprise remediation and planning related to break-fix or system upgrade/implementation as needed.


-Codes and maintains SOC correlation and workflow rule sets as needed to counter current and future information security threats.


-Operates SOC technology and equipment on a daily basis.


-Investigates and resolves security incidents and recommends enhancements to improve security protections.


-Participates in the evaluation and testing of hardware, firmware and software for possible impact on security systems.


-Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents.


-Enhances and positively contributes to corporate culture by promoting security goals and objectives.


-Develops and maintains SOC related electronic security controls for event correlation and incident monitoring and response.


QUALIFICATIONS


To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.


-ISC2, GIAC, or similar certifications.


Required Experience:


-2 to 3 years of experience in Information Security Operations/Engineering.


-3+ years of work experience utilizing research, reconciliation, process improvement, problem solving and/or analysis techniques in a multi-tasking multi-transaction environment with deadlines


-End-user based working experience with workflow technology processes and database application systems


KNOWLEDGE, SKILLS and ABILITIES


Required:


-Hands-on experience with three or more of the following technologies:


-Host or network-based Data Loss Prevention (DLP)


-Security Incident and Event Monitoring (SIEM)


-Client or network-based anti-malware


-Network Intrusion Prevention Systems


-Web content filtering/Web Gateways


-Firewalls/Unified Threat Management (UTM)


-Vulnerability scanning/management


-Mail gateway


-Client Disk Encryption


-Privileged Access Managers (PAM)


-Network Access Control (NAC)


-Static/Dynamic/Interactive Application Security Testing


-Web Application Firewall


-Direct experience with two or more security services/processes


-Security incident response


-Threat management


-Vulnerability management


-Secure Application Development


-Threat modeling


-Excellent internet research skills


-Ability to logically and creatively analyze and correlate disparate events and draw relevant conclusions to contribute to process improvement and incident remediation


-Ability to respond immediately to information security threat situations that negatively impact.


-Strong written and verbal communication and interactive skills, for both one-on-one communications as well as communications to small groups. Specific written documentation includes writing run-book articles for the consumption of the balance of the team.


-Ability to manage conflicting priorities and handle multiple tasks/projects concurrently


-Ability to effectively organize, plan, control and prioritize work/projects. Ability to regularly communicate progress to appropriate stakeholders. Efficiently manages resources and understands work/project scope, key players, urgency, inherent risks and business benefits.


-Displays and promotes high standards of ethical conduct and behaviors consistent with organizational and government standards


-Ability to consistently carry out job responsibilities to meet deadlines. Ability to deliver on commitments as promised, to acknowledge when commitments are not met, and to take appropriate steps to fulfill what has been promised.


-Ability to clearly and effectively convey information to individuals or groups. This includes the ability to choose the appropriate method or methods of communication.


-Demonstrates the ability to, independently and within a team, analyze, identify and solve problems and implement secure solutions to meet business needs.


-Ability to anticipate, understand and manage customer expectations and consistent delivery of services. Clearly and effectively conveys information.


Preferred:


-Hands-on experience with the following technologies:


-AWS Architecture


-AWS GuardDuty


-AWS Macie


-AWS Web Application Service


-AWS SSO


-AWS Key Management Service (KMS)


-AWS Certificate Management Service


-AWS Secure Token Service (STS)


-Configuring AWS Security Groups


-Configuring AWS CloudTrail and CloudWatch


-AWS Inspector


-Python Scripting


-JSON


-YAML


-Securing Exchange and SharePoint/OneDrive in O365

Senior Security Tools Support Engineer

Randstad Technologies
Minneapolis, MN 55401