The Senior Systems and Security Engineer provides technical oversight of security and systems administration to manage the execution of daily enterprise operations, while driving the identification, prioritization, and fulfillment of new tasks/projects that provide value to the customer while increasing the performance, availability, supportability, and/or security of customer systems and services.
This position will provide specific oversight and direction of IT security to ensure policies and technical configurations are implemented in manner that best protects the customers services and data across the enterprise network. As such, candidates must demonstrate subject-matter expertise in network security practices to include the full administration of firewalls, vulnerability identification and mitigation, and best practices for securing/hardening network systems. Additionally, the ideal candidate will have extensive experience in the administration of Windows and or Unix systems, from workstations to servers including Active Directory or other directory service administration.
Duties and Responsibilities
-
Develop and implement proactive IT security measures and practices to protect customer systems from exploit – specifically focused on firewalls, external access control points, and vulnerability assessment/mitigation Identify and manage projects related to IT security and overall enterprise operations and maintenance, to include the task delegation and status reporting while coordinating activities within the immediate team and across the IT department
-
Develop and document detailed processes and procedures related to the analysis of security vulnerabilities, auditing of key security factors, and notification/mitigation of security findings
-
Produce detailed reports of auditing activities that demonstrate proactive management of enterprise security.
Success Factors / Job Competencies:
-
Proven track record of task/project ownership and management, while promoting teamwork to drive the closure/delivery of high priority requirements
-
Seeking individual to work well along other senior engineers, subject matter expert/architects as well as other system technicians in a team environment
-
Superb communication skills requested, along with ability to work with other vendors and organizations to achieve best results
-
Polished and professional writing skills demonstrated by the creation of detailed reports and meaningfully organized data that allows senior leadership to make rapid assessments and decisions.
-
Always exhibits an attitude that promotes a positive work environment in high paced, challenging circumstances Solution-oriented view to any challenge.
-
Understanding of and experience with change and configuration management principles and policies while adhering t strict guidelines and policy set forth by customer.
-
Superior interpersonal skills, patience, clear oral communications, an ability to convert technical jargon into layman’s terms and the ability to juggle priorities on-the-fly Physical Demands and Work Environment:
-
Standard work environment with occasional lifting requirements to install equipment
Qualifications:
-
Degree from accredited college or university in related field, or equivalent years of specialized technical experience and/or technical training
-
At least 15 years of progressively more responsible or complex experience in technical IT support functions in a hands-on Role
-
Experience in administration of enterprise "next generation" firewalls and configuration of firewall rules to secure internal systems and services – prefer specific experience with Palo Alto or CheckPoint firewalls
-
At least 10 years of progressively more responsible experience in the administration of servers running Windows Server 2003/2008/2012 and/or Unix operating systems
-
Experience with the identification of network and system vulnerabilities through security scanning tools and through the monitoring of industry security publications and reports for known exploits
-
Experience with site vulnerability assessments, such as the Certification and Accreditation process or FISMA audits
-
Experience disaster recovery and continuity of operations planning to include data backup, data replication, and high availability implementation
-
Experience in systems architecture design and implementation, including Active Directory, TCP/IP protocols, DHCP and DNS technologies, and LAN/WAN topologies and transports, key management, authentication services, and remote access Solutions
-
Full lifecycle support of servers and workstations to include image development, server and workstation build processes, group policy creation and deployment, system patching, performance and event monitoring
-
Experience with the implementation of continuous monitoring of network and server resources, to include the configuration and tuning of monitoring applications
-
Familiarity with storage infrastructure including, storage provisioning, issue resolution, capacity management, and ensuring servers, storage arrays and SAN switches are fully operational.
Required Certifications: CISSP or CISM
Preferred certifications: CCIE Security, Firewall certifications (Palo Alto or Checkpoint Preferred), MCSP, CCNA Essential Functions