Moneta is looking for a Information Security Engineer/Senior Engineer for our business partner in the technology sector.
· Participate as a member of the Information Security team in developing and maintaining organization’s security strategies
· Own the architecture and management of Information Security systems which include: Centralized Logging, Intrusion Detection, Application Vulnerability Scanning, Penetration Testing, SIEM and Encryption and Key Management
· Support security analysts with event/alert investigation escalation
· Attend and participate in after hours and weekend maintenance as necessary
· Perform rule tuning/optimization for the following systems: Centralized Logging, IDS, Application Vulnerability Scanning, SIEM and Vulnerability Management
· Perform risk assessments against existing controls and technologies as well as new functionalities and architectures
· Act as a liaison to development teams to ensure that security is being adequately addressed during application development and deployment
· Assist in third-party vendor management and oversight
· Identify, create and maintain security-related documentation
· Maintain ongoing knowledge of information security technologies
· Attend and participate in staff, project and vendor meetings
· Maintain and ensure confidentiality of company, client and employee data
· Participate in Incident Response investigations as a member of the SIRT Team
· 3-5 years’ experience in Information Security or a security-related field
· Strong demonstrated understanding of systems integration, web-based applications and n-tier technologies and architectures
· Strong demonstrated knowledge of application testing methodologies and strategies
· Experience with application design and development from business requirements analysis through day-to-day management
· Ability to work with development teams and individual developers to achieve desired results within defined parameters
· Good understanding of computer systems characteristics, features and integration capabilities
· Demonstrated understanding of business requirements/drivers and ability to integrate into security initiatives and projects
· Knowledge of ISO 27001, HIPAA, GLBA, and other information security rules and regulations
· Knowledge of software development lifecycles and philosophies
· Exceptional analytical and problem-solving abilities
· Experience coordinating initiative efforts across geographically dispersed offices and project teams
· Ability to set and manage priorities judiciously
· Excellent communication and interpersonal skills
· Expert attention to detail
· Ability to produce clean, concise diagrams and documentation
· CISSP Certification, or the willingness and ability to obtain within twelve months
· GCIH, CERT-CSIH or similar industry-standard incident handling certification or willingness and ability to obtain within 12 months
· Experience working within Agile framework and continuous delivery/integration
· Proven experience with incident response and forensic investigation and analysis
· Essential Job Functions:
o Interact effectively with teammates, colleagues and customers
o Comprehend and communicate complex concepts
o Concentrate, analyze and resolve complex problems
o Utilize technology (e.g. phone systems, computer hardware and software applications) to fulfill work requirements