• Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels
• Support AWS and Azure cloud operations in securing the AWS and Azure environments
• Configure and troubleshoot IAM policies, Security Groups, Service Control Policies, Role based access control, and Managed Service Identities
• Tune-in and configure SIEM performance and events data quality to maximize log correlation efficiency
• Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks
• Expertise in shell scripting and other programming languages, such as Perl and Python
• Proficiency in understanding and using regular expressions (regex)
• Solid understanding of REST/SOAP/WSDL/XML (Web Services), HTTP Request Methods
• Work closely with the compliance team to identify and document information security risks
• Guide the network and operations teams in implementing security best practices
• Work with network, and systems engineering teams to promote automation, automated monitoring and administration functionality
• Implement, and support security solutions including but not limited to Intrusion Detection/Prevention, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, Web Application Vulnerability analysis and Configuration Management
• Develop operational best practice procedural documentation for security operations staff
• Lead the development and documentation of various systems, policies, procedures, and customer deliverables
• Research new products and make appropriate recommendations
• Develop detailed project plans, tasks, timelines and provide verbal and written status reports as needed
• Conduct on-going security assessments, document, track and drive remediation activities to completion
• Provide on-call support as needed

Qualifications

• BS in Computer Science, Engineering or related field required
• Minimum 5 years of experience supporting enterprise level environments
• Must have a good understanding of the following: Log correlation, SIEM technologies (ArcSight, Q1 Radar, Log Rhythm, Splunk, etc.), IDS/IPS technologies, Vulnerability Scanners (Nessus, Nexpose, etc.) and other related technologies
• Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc.
• Understanding of cloud solutions and cloud security best practices in environments such as AWS and Azure
• Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, ISO 27001, SOX, FedRAMP and etc.
• Demonstrate proficiency in one or more of the following operating systems: Linux, Windows, or Mac OS
• Working knowledge of firewall and web filtering technologies
• Experiences practicing ITIL framework-based processes such as Change, Problem, and Incident management in an enterprise environment
• Excellent verbal and written communication, presentation, and interpersonal skills
• Able to define, document and support systems, policies, and procedures
• Excellent analytical, problem solving and troubleshooting skills
• Good knowledge and experience designing network, system and application security architectures
• Ability to efficiently handle multiple projects with shifting priorities
• Able to anticipate and mitigate risks as well as define architectural solutions