Description
6 month + contract with possible extensions for a Security Engineer.
Must have the following skills:
5 or more years IT Security experience. Must be experienced in Microsoft Active Directory, security settings, group policies.
Current security certification such as CISSP, CISA or other audit certifications a plus.
Require experience managing audits, planning tasks, prioritizing, compliance reporting.
Should have knowledge and experience working with PCI standards.
Should have experience working with system, Firewall, database, application logs.
Understanding of technical aspect of information security including TCP/IP, Firewall, Encryption, Certificates, IPS, syslogs and SIEM, Antivirus, APT, SIEM, OWASP.
Strong written and oral communication, analytical and problem solving
Responsibilities include:
The position will include a mix of compliance related work (60%) and security administration duties (40%).
Compliance work will include the management, planning and execution of security audit, collection of evidences, and follow-up on daily, monthly, yearly tasks.
Plan and participate in PCI audit preparation, 3rd party audit, run reports, participate in remediation projects.
The technical duties will require monitoring tasks of Servers, Firewall, and other application logs for unusual/suspicious activity breaching compliance requirements.
Identify potential threats, participate in incident response, report on incident.
Investigate cause of security violations, and recommend corrective actions
Implement security policies and procedures to improve SGA prevent information theft or disruption of operation. Educate and communicate compliance requirements and procedures to users.
Work with the enterprise corporate security team on identifying and planning on-going security remediation and patching of security issues
Local Candidates preferred. Must have excellent communication skills.
Must be able to pass a 20 year criminal background check.