|Date Posted||October 3, 2019|
Lead Network Security Engineer
This Engineer will be leading a group of 3-5 security engineers. They do not need leadership experience they will grow you into that. Our client is looking for a good System admin or Network engineer that has worked with Cyber security in the past. Candidates need to have a strong understanding of network security. You will be maintaining and implementing security firewalls. Our client uses Cisco firewalls but they are open to any firewall experience. It would be nice if candidates had experience with CIS, Nist, CSF, or any Finance regulations, but the manager is pretty open. They also would like candidates to have experience with SIEM, and Logs.
Work with the Information Security and Information Systems teams to ensure security best practices in existing and current processes and configurations throughout the organization.
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through credit union workstations, servers and other systems and in databases and other data repositories
- Evaluate, design, architect, test, deploy, configure, administrator, and maintain our clients Information Security monitoring and scanning solutions.
- Work with Information Systems teams and vendors to optimize Information Security solutions and/or systems.
- Automate security analytics. Drive up signal-to-noise ratio and eliminate low-value work.
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
- Identify and monitor metrics regarding the state of security in the environment.
- Analyze threat data and act as an escalation point for the security operations team.
- Participate in root cause analysis of critical events for improving preventative and reactive processes
- Participate in the governance process and contribute to the development of security policies, procedures and standards.
- Work with other business areas to explain security concepts, make recommendations, and help drive security initiatives
- Complete all BSA related training annually and maintain knowledge of current BSA policies, specifically those related to functions performed within the department and identify and report possible suspicious activity.
- Perform other job-related duties as assigned by Management.
The Ideal Candidate Should be able to speak to their experience with:
- Networking/Switching, BGP, DNS, DHCP, SNMP, RADIUS, KERBEROS, SFTP, LDAP, VoIP Firewalls, SIEM, NAC, AV, Web Filtering, DLP, IDS/IPS, WAF, Vulnerability Management
- Microsoft Domains, Office 365, Active Directory, Group Policy, and so on; Linux, Databases
- Cloud Computing, Virtualization, Containers
- Scripting such as with batch, shell, and or powershell o Application Security, Secure SDLC DevSecOps, Agile, Scrum
Education and Experience Requirements:
- Bachelor's Degree in Information Security, Cybersecurity, Information Technology, or related field Security related certifications, such as CISSP, SSCP, ECSA
- 4+ years of experience in Cybersecurity
- 8+ years of experience in Information Technology
- Experience with CIS Critical Security Controls, NIST 800 and CSF, and FFIEC frameworks
- Experience with managing Microsoft Active Directory, Group Policy, DNS
- Experience with managing SIEM, Logs, IDS/IPS, DLP, Web filters, AV, and WAF solutions
- Troubleshooting, problem solving, documentation and communication skills
- Knowledge of common protocols such as SNMP, HTTP, HTTPS, SMTP, NTP, LDAP, KERBEROS, RADIUS and FTP
- Network and Firewall experience/configuration a plus
Job Competencies (Preferred)
• Team Leadership and IT/Security Project Management, Road-mapping, Prioritizing
• Financial Institution/Services experience, or similarly regulated field
• CISSP or similar certifications, education, or work experience
• Experience with FFIEC CAT, NIST 800 series and CSF, CIS
• Adaptable, takes initiative, is action oriented, collaborative
• Continuous learner, who keeps up on the evolution of the IT and security industries
Nesco Resource is an equal employment opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or veteran status, or any other legally protected characteristics with respect to employment opportunities.