Sr Security Analyst Engineer - (CISSP)
Recruit Professional Services, Montvale NJ
As a key member of Security Operations, you will provide guidance and leadership on security-related projects and issues. This includes developing project plans and schedules as well as the hands-on configuration and maintenance of security applications, service monitoring systems, and operating systems.
The position requires the ability to analyze and interpret security incidents and drive outstanding incidents to closure. The position requires assisting in the day-to-day operations of security applications including IBM QRadar, Tripwire, Qualys, Comodo Endpoint Security, McAfee Total Protection Suite, Microsoft Software Update Service (WSUS), ISS Site Protector, Cisco firewalls, and Cisco network Intrusion Detection Systems, as well as other name-brand and open-source security applications.
Operations support includes the ability to create formal documentation, lead junior staff, and provide recommendations for security improvements. This role will require the individual to multitask and serve as a technical point-of-contact for both security and non-security related issues. The role requires occasional off hours support and on-call rotation.
- At least 5+ years of experience with the technologies listed in the Technical and Desired Skills sections.
- Broad technical, procedural, operational knowledge of information security application design, deployment, integration, along with Operations and Maintenance.
- Significant experience with Firewalls, IDS/IPS, Proxy Servers and malware prevention is highly desired.
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication protocols, cryptography and application security.
- Knowledgeable on network management and monitoring tools.
- Experience with root cause analysis, risk mitigation, security assessments, analysis of security threats, trends and architecture preferred.
- Hands-on security troubleshooting, network-based forensics, and proficiency with packet analysis tools like Wireshark, TCPDump, TCPView, etc.
- Ability to create simple ad-hoc query, data manipulation, and reporting scripts (Python, Perl, MS Batch, VB are all acceptable)
- Understand Microsoft Active Directory Group Policy Objects (GPO) as it relates to system configuration, patch management, and system security hardening guidelines
- Create formal documentation for project planning, system administration and Operations and Maintenance.
- Proven ability to manage short and long term engagements with multiple project tracks and teams
- Excellent verbal and written communications skills. Create formal documentation for project planning, system administration, builds, and Operations and Maintenance.
- Build, configure, and operate security solutions within an enterprise Microsoft and Cisco environment.
- Certified Information System Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information System Auditor (CISA)
- Cisco Certified Security Professional (CCSP)
- CompTIA Security+
- Industry security and systems certifications (MCSE, MCITP, CCNA, GCIH (SANS))
- ITIL certified and/or able to obtain ITIL Foundations Certification within the next 3 months
- McAfee Total Protection Suite (VirusScan, AntiSpyware, Host-Intrusion Prevention, Policy Auditor, Group Shield).
- Microsoft Windows System Administration
- Microsoft Active Directory Group Policy Object experience
- Microsoft Software Update Service
- Security operations and/or engineering experience
- Security incident response experience
- Desirable to have UNIX/Linux system administration skills (Red Hat Linux, AIX, Solaris) (Secondary)
- Desirable to have database administration experience (MS SQL, MySQL, Oracle) (Secondary).
- Application Software: McAfee TOPS, McAfee VirusScan, McAfee ePolicy Orchestrator, McAfee AntiSpyware, McAfee Entercept (HIPS), Tenable Nessus, Lumeta IPSonar, Sophos AV Management Console, SolarWinds, Splunk, and other security systems and applications, including open source.
- Diagnostic Software: Wireshark, Windows Command-line, UNIX/Linux Command-line, FileMon, Process Explorer, and other security systems and applications, including open source.
- Operating Systems: Windows 2000 Workstation, Windows XP, Windows 2003 Server Enterprise R2, Unix, Linux
- Network Topologies: Ethernet, LAN/WAN
- Network Protocols: TCP/IP, NetBIOS/SMB, SNMP, ICMP, SMTP, SSH/FTP, RDP, and similar
- Network Firewalls & IDS: Cisco ASA, PIX, network IDS
- Network Management Systems: Cisco Security Manager, Cisco ACS, Cisco MARS
Additional Desired Skills:
- Operating Systems: Red Hat Linux, IBM AIX, Sun Solaris
- Network Operating Systems: Cisco IOS, CATOS
- Network Protocols: RIP, EIGRP, OSPF, MPLS
- Database Systems: MS SQL, MySQL, Oracle
- Data Loss Prevention programs
- Compliance and Risk Management.
Non-Technical Skills: Excellent teamwork skills; written and oral communication skills. Excellent formal documentation skills.