Sr. Security Engineer
Opportunity is available for a Security Engineer to support our client located in Mountlake Terrace, WA for a 6-month contract.
In this role, you will be an influencer on our client's Cybersecurity and IT leadership. This dynamic role will blend your technical skills (Secure Development Lifecycle, Accreditation, coding and scripting, VSTS/Agile) with your soft skills (leadership, education and awareness, being a security evangelist). As a senior member of the team, the Info Security Engineer provides mentorship and technical expertise to less experienced engineers.
- Bachelor’s degree in Information Systems or Business Administration or four (4) years’ experience.
- Eight (8) years’ experience designing, implementing and troubleshooting networked computer systems, including systems integration, hardware requirements and network design planning; vendor negotiations for hardware and software; which must include:
- Four (4) years’ experience with secure network and systems architecture, design and implementation, intrusion detection, defence and incident response, security configuration management, access
- Current certification in Information Security, or ability to obtain certification within 6-months of hire. Examples of appropriate certifications include CISSP, GIAC, GSEC, and SSCP. controls design and implementation and security policy and standards development.
- Demonstrated understanding of health plan operations and applicable security & privacy legislation.
- Knowledge of business continuity planning practices
- Knowledge of applicable practices and laws relating to data privacy and protection.
- In-depth knowledge of the following technologies and protocols: ARP, TCP/UDP, IP, NetBIOS, Radius, 802.1x, Bind/DNS and Active Directory, LDAP, SMTP, DHCP, SSH, SFTP, FTP, TFTP, SNMP, SSL/HTTPS, NTP, Sun, Syslog, VoIP, QoS, VLANs and trunking; Wireless protocols: 802.11 specs, WPA/2, WEP, TTLS, PEAP; Routing protocols: RIP/2, OSPF, EIGRP, Frame-relay, and MPLS. Database Systems: SQL Server, Oracle, MySQL, and DB2. File systems: FAT, JFS, NTFS, ext3, and managing volume groups, RAID-sets, etc.
- Demonstrated understanding of Operating System architecture as it relates to the functions of the following components: OS kernel, OS kernel modules and device drivers, memory management, inter-process communication, security subsystem, user account rights, user group rights, system logs, I/O functions, network services, file-system permissions, and application interaction with the Operating System.
- Applies advanced understanding of INCITS, ISO/IEC, W3C, and IEEE engineering and technology standards
- Provides relevant security and compliance oversight of technology during architecture design, installation, and on-going maintenance. This includes all computing resources implemented, owned, or used by the company.
- Evaluates any proposed technology solution for adherence to documented company standards, policies, and regulatory responsibilities.
- Performs risk assessments and penetration-testing on proposed technology solutions; create risk statements, summaries and presentations for management so that risks can be escalated to the proper level for corrective action.
- Maintains current expertise in security hacks and network penetration methods. Defines and documents defensive tactics. Defines and oversees implementation plans for security configuration changes.
- Provides advanced technical analysis and evidence capture as Level 3 technical support for security incident response.
- Conducts impact assessments for security patches and oversees implementation of recommended patches.
- Defines IT policies, standards and procedures to assure technical compliance with enterprise security policies and promote consistent use of best practices in information security. This includes regulatory standards such as SOX, HIPAA, PCI, GLBA, and various state and federal privacy laws.
- Responsible for the security of sensitive data, including integrity, availability, and confidentiality, as required by the job function.
Equal Opportunity Employer Minorities/Women/Veterans/Disabled