Network Security Engineer II

Location: Kansas, Kansas
Date Posted: 03-30-2017
 GC or US Citizen
I: Technical Phone, F2F potential 2nd F2F
S: (See more below) Information Security, Network security, SIEM, advanced security control solutions, preferred certs: GLSC, GCIH, GMON, GPEN, OSCP or degree program with focus on security. 
A: Omaha, NE and Kansas City, MO (1 position each)
This company maintains the culture that was started by the founder. They are all about their employees, having never laid off a single employee to date.
Company Sell
This company all but guarantees job security and flexibility, especially under this particular hiring manager.
This is why they do C2H, fit is very important.
The hiring manager, says his security team operates as a "family." Everyone on his team is involved in decision making. He likes to bring in "guys that are smarter than him" and likes to let them do things their way in order to foster creativity and growth. He feels that his team is very sharp and would like to maintain that dynamic. He also likes former servicemen as well. Acknowledged that they don't pay the most, but what they lack in salary, they make up for in job security, flexibility, independence, ability to be creative, core values.
Summary: Perform assigned tasks and responsibilities for IT Security Operations. Responsible for assigned risk assessment tasks, incident response, network data event monitoring and interfacing with internal IT Division and external business groups to ensure appropriate and accurate technical support, security responses and functions. 
Monitor and identify security control gaps and events of compromise.
• Assist with the evaluation and implementation of advanced security control solutions (e.g. malware, virus, and phishing protection, privileged account management, and security incident event monitoring (SIEM).
• Assist in identifying and defining system security requirements.
• Monitor and advise on information security issues related to the systems and workflow to ensure internal security controls are appropriate and operating as intended to prevent events that negatively impact confidentiality, availability and integrity.
• Review security event logs, and collaborate with internal partners to remediate system security anomalies.
• Perform vulnerability and visibility scans, information system hosts penetration tests, conduct analysis and provide reports for remediation processes.
• Conduct security research in keeping abreast of latest security issues and compliance.
• Assist with the analysis, implementation, research and technical security controls of data and systems. Determine and report baseline variance for all applicable technology environments. 
Respond to incidents and work with other teams to resolve IT security issues.
• Monitor security systems including response to issues.
• Follow SOC procedures and processes to support Firewalls, Content Engines, Intruder Detection or Prevention Systems.
• Identify and respond to malicious activity on critical network infrastructure.
• Maintain accurate records of system baseline operations and documentation for status reporting.
Ensure internal customers develop and maintain security controls to comply with risk management objectives.
• Participate in the collaboration with internal and external partners to manage security vulnerabilities and remediate security issues.
• Perform incident response procedures to information security incidents.
• Assist with the development and maintenance of department recovery and continuity work practices.
• Bachelor’s degree in Information Security or equivalent relevant work experience.
• Three years experience as a network security engineer or analyst required
• Experience with security management, information security risk assessments, network security management, application design and architecture, network engineering.
• Certifications preferred - GLSC, GCIH, GMON, GPEN, OSCP or degree program with focus on security.
• Recognized IT control frameworks and standards (e.g., COBIT, ITIL, NIST, ISO 2700x and RMF).
• Knowledge of State and federal information protection and control-related legislation (e.g., PCI, GLBA, SOXA 404, SB 1386, HIPAA, etc.).
• Technical knowledge in a wide array of platforms and systems (e.g., Windows, UNIX, SQL, Tandem)
Providing IT Solutions and Staffing
Pittsburgh, PA
this job portal is powered by CATS