Systems Engineer, Mobility & Security
- 333 Westchester Avenue, White Plains, NY, us
Founded in 1970, Annese & Associates, Inc. designs, installs, maintains, and services networks that integrate voice, video, and data to reduce operating costs and increase productivity for schools, government agencies, and commercial businesses in New York and New England.Our Mission is to provide an excellent customer experience as we meet our clients' evolving business needs through comprehensive, industry-leading technology solutions delivered by a caring and talented team.
The Systems Engineer, Mobility & Security is an individual contributor with broad based knowledge in multiple domains of information security, translating security architecture designs received by them into infrastructure or service based solutions predicated on lowering our customer’s exposure to unnecessary risk, and elevating the level of protection for electronic and physical assets. This role can be focused on a single client and a single project or can span across multiple clients or projects as assigned over time. This role may be both tactical and strategic in focus and in large part, executes designs and plans working in concert with a Solutions Architect, Security or a Senior Solutions Architect, Security.
- Lead select security implementation projects with expertise in web, application, cloud and network security
- Assist customers in forming responses and action plans to external and internal audits and external security assessments.
- Participate and sometimes lead security risk assessments, penetration tests, and helping to diagnose and isolate internet, intranet and extranet intrusion attempts.
- Work closely with customer defined DevOps and Engineering staffs to proactively identify and fix or patch security flaws and vulnerabilities.
- Recommend and assist in the application of security “templates”, that is hardened build instructions for both network and servers
- Recommend and assist in the coordination of disaster recovery procedures in the event of a security breach.
- Research emerging technologies in support of security enhancement and development efforts.
- Implement new technologies (to the customer) based off their future state architecture designed to improve security posture and lessen exposure to various threat conditions
- Perform security based upgrades, new installations, enhancements and configuration changes to compute and network components
- Based on project statement of work, monitor daily operations and troubleshoot security problems remotely or on-site
- Implement security tools and systems (Intrusion Detection System, Intrusion Prevention System, Virtual Private Network, Web Application Firewall, Data Loss Prevention, Endpoint Protection, Enterprise Detection and Response, honeypots, SIEM, Vulnerability Scanners, Web Proxies, Forensic toolkits, Multi-Factor Authentication, key management) in customer heterogeneous computing environments that make span on-premises, colocation, private and public cloud computing environments
- Perform security reviews of server/network/web application design within a virtualized environment and ensure compliance with organizational security policies, compliance objectives or security best practices.
- Test physical and logical access control methods for efficacy and understanding across the customer’s environment
- Prescribe and educate customer tooling to detect, investigate and recover from security incidents as well as assisting with incident response planning
- Responsible for raising company-wide security awareness and monitoring information security related web and social sites to stay up to date on current attacks and trends.
- Analyze potential impact of new threats and exploits and communicate risks to relevant business units/IT staff
- Participate and provide technical input in meetings with account team including colleagues, managers and account managers regarding account status, ongoing issues and solutions.
- Complete projects at client sites thoroughly and on-time.
- Resolve service delivery and client issues as needed.
- Submit detailed records in a timely manner (time sheets, tickets, reports, etc).
- Identify and escalate business and technical challenges as appropriate.
- Keep accurate, timely and thorough client site documentation.
- Attend and participate in regularly scheduled team meetings.
- Available for on-call and emergency response as needed.
- Identify and recommend improvement opportunities that are consistent with client needs.
- Professional appearance as outlined in the Annese handbook.
- Off-hour work and overnight travel may be required.
- Maintain a high level of professionalism with customers, vendors and staff.
- Perform all responsibilities in alignment with the core values of Annese & Associates, Inc.
- Follow Annese standardized processes and procedures for technology implementation.
- Complete understanding of all 7 Layers of the OSI Model: Physical, Data, Network, Transport, Session, Presentation, Application
- Troubleshooting Skills: Packet tracing and Process Debug, ability to solve system interdisciplinary performance problems or availability events
- Technologies & Protocols: Majority of the following: TCP, HTTP, SSL, FTP, VPN, LDAP, DNS, DHCP, SMB, NFS, iSCSI, FCOE, FCP, SMTP, knowledge of cloud based architectures: in particular AWS; IAAS, PAAS, SAAS, Sec-As-A-Service, plus some of the following commercial and open source tools: Nessus, NMAP, Qualys, OpenVas, OSSEC, OpenSnort, John the Ripper, Metasploit, Wireshark.
- Security Information & Event Management: Prior experience with systems design relating to event correlation and analysis from a variety of sources – Network and Host Based IDS/IPS, Web Application Firewalls, Email Security Gateways, Syslogs
- Big Data Exposure: Basic conceptual knowledge of technologies: Hadoop, Kafka, Storm, Spark plus exposure to large scale event correlation tools like Splunk or Oracle Analytics beneficial
- Solid Prior or Current Hands-on Skills are needed in the following technologies:
- Operating Systems (Combined Server and Desktop):
- Windows NT to 2012 R2
- Windows XP to Windows 7 minimum; Windows 8 & 10 Beneficial
- Linux (RHEL preferable, but other distros: CentOS, Fedora, Ubuntu, Debian can all substitute)) up to 7.2 (November ’15 release), must be able to execute a wide array of Linux System and Network Commands from a Command Line, not a GUI.
- MAC OS (7.0 to 10.6.8)
- Mobile OS for Future MDM Support
- iOS (7.1.2 to 9.3.x) & Android (Ice cream sandwich to marshmallow)
- Windows Mobile not required
- Any Cisco Security Certification valued; CISSP or CEH a big plus, MCSE beneficial
- 5 Years’ Experience managing Cyber Security technology
- 7 Years of Overall Experience with a combination of Security, Infrastructure and Applications management
- Experience with App Tier Server Platforms including JBOSS, WebLogic or WebSphere & Web Tier Software including: MS IIS & Apache Tomcat
- Must understand content and policy for Cisco ISE and MSE
- Must have MDM tool experience: AirWatch, Mobile Iron, Symantec, or Meraki (just one)
- Experience with Cisco ASA Firewall preferred. Helpful to have experience with Juniper, Palo Alto or CheckPoint; FirePower; AMP for networks and endpoints.
- F5 BigIP and F5 WAF experience desired
- Endpoint protection: Sophos, Trend, Symantec, McAfee mandatory; EDR products like Carbon Black or Cylance beneficial
- Working knowledge of PCI, HIPAA, SOX 404, GLBA
- Must understand threats: Trojans, Worms, Virus’, Phishing, Flash, WordPress, DDOS, Ransomware
- Must understand the cyber-kill chain: reconnaissance, weaponization, delivery, exploitation, installation, command and control.
- High level knowledge of key steps and processes of digital forensics/incident response
- Cursory familiarity with NIST 800 Series and ISO 17799
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear. This position is active and requires standing, walking, bending, kneeling, stooping, crouching, crawling and climbing. The employee may be required to lift or move items up to 10 pounds and occasionally lift or move items up to 100 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.