Job Description :
Job description:
Designation: Manager Experience – 9 – 13 years Location: US - Either of Dallas(TX), Houston(TX) or Reston(VA) The Security Engineering Lead for one of our leading Insurance client would play a key role in providing the needed technical and Project leadership for a team of Security engineers in areas comprising (but not limited to SIEM(Splunk), Data base monitoring and protection and Web application firewall. He would be the Single Point of Contact for the client. Requirements (Background) • Bachelor of Science in Information Technology, Management Information Systems or Risk Management. • 5+ years of experience in IT Security or related area with a focus on security tool technology, security management and policy enforcement. • Prior experience with network security & related applications, tools and solutions. • Deep understanding of network routing and switching architecture, design and troubleshooting. • Experience supporting 24x7x365 high availability solutions in large complex data center environment. • Strong organizational skills. • Ability to multi-task and meet deadlines. • Ability to work efficiently and productively without direction or guidance. • Capable of exercising extreme discretion and independent judgment. • Ability to handle extremely confidential information in a professional manner. • GRC certifications such as CISA, CGEIT, CRISC (desired) • Education: Bachelor Degree in Engineering (Required) Engineering contribution 1. Provide analytical and technical security recommendations to other fellow team members, other technology teams of our client as needed, security management, and business stakeholders. Identify requirements, based upon need or as the result of a security issue that puts organizations systems at risk. 2. Act as liaison to other technology teams on the client side to effectively communicate, architect, and deliver security solutions. 3. Lead development of technical solutions in multiple areas (WAF, SIEM, Database monitoring, etc) and enhancements to existing systems, and new security tools to help mitigate security vulnerabilities and automate repeatable tasks. 4. Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. 5. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security. 6. Define, maintain and audit up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc. 7. Support new and existing security solutions and partner with the security engineering team for the implementation and integration of any new enhancements made to existing security solutions in support of improving overall enterprise security. 8. Ensure security tools and solutions hardware/software/devices are operating effectively and updated in a timely manner. 9. Determine appropriate levels of security configuration, controls and monitoring. 10. Use appropriate and effective measures to respond to network security alerts. 11. Support the deployment of new security solutions in multiple data centers. 12. Support incident management processes and security monitoring alerts in preventing internal / external hackers. 13. Responsible for meeting all reporting requirements. Leadership & Project Management 1. Propose, plan, and execute Security engineering work in close collaboration with client to implement new and improve existing security solutions, working in partnership with the client Infosec and their Technology teams as appropriate. 2. Play an active role in collaborating with the client in various defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies. 3. Necessary mentoring to fellow Security engineering team members 4. Necessary project Management, tracking and reporting to client Day to day operations 5. Define and maintain operational configurations of all in-place security solutions as per the established baselines, for those security systems solutions that are partially or wholly operated by the InfoSec team. 6. Participate in the monitoring all in-place security solutions for efficient and appropriate operations. 7. Necessary intervention in the review of logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc. Interpret the implications of that activity and devise plans for appropriate resolution. 8. Problem management, root cause analysis Knowledge & Experience • 3+ years’ experience with Splunk on a large enterprise level. • Architecting and deploying Splunk Enterprise implementations in small to medium sized customers. • Administering Splunk and Splunk App for Enterprise Security (ES) log management. • Integrating Splunk with a wide variety of legacy data sources that use various protocols. • The ability to design Splunk reports and dashboards using complex data elements. A passion for Analytics, for helping users discover and share the stories and meaning in their data. Experience in translating business requirements into concrete data analytic solutions. • PERL/Linux shell scripting/Regex experience would be highly preferable. • Splunk training and/or certifications would be a major plus • Broad experience with administration and architecture for two or more other Security tools such as Imperva WAF and Guardium Database monitoring • Working technical knowledge of several of the infrastructure technologies. • In-depth technical knowledge of and experience with one or more common security products and toolset (firewalls; intrusion prevention systems; web-security content management; authentication services; SEIM; etc. • Working technical knowledge of wider a cross-section of the common security products and toolsets. • Experience with programming languages; or scripting languages such as Perl, Python, or Powershell strongly preferred. • Familiarity with software development process and practice desirable. • Familiarity with electronic trading technologies and applications desirable. • Experience with security program assessment, development and management practices; including working with industry standards and frameworks (particularly the NIST Cybersecurity Framework) Personal Attributes • Proven analytical and problem-solving abilities. • Ability to effectively prioritize and execute tasks in a high-pressure environment. • Good written, oral, and interpersonal communication skills. • Ability to conduct research into IT security issues and products as required. • Ability to present ideas in business-friendly and user-friendly language. • Highly self-motivated and directed. • Keen attention to detail. • Team-oriented and skilled in working within a collaborative environment.