Job Description :
Job Title: Network Security Engineer
Location: Durham,NC
Type:Contract
Job Description:
Needs:
· day to day security needs
· SIEM
· internal pen testing
· vuln management / queue management
· risk assessment
· tooling
· operations
· compliance to internal and external policies (infosec policies, CATO, PCI)
· coding experience
Who You''ll work with
Cisco Cloud Email Security and Cisco Security Applications services combine best-of-breed technologies to provide the most scalable and sophisticated email protection available today. Our infrastructure operations teams provide infrastructure services to the Cisco Cloud Services security product portfolio which is globally deployed and must be maintained to be secure, scalable, reliable and responsive.
Who You Are
As a Security Engineer you are part of a team that is responsible for ensuring the security of Cisco Security Cloud Operations network systems. The team is responsible for maintaining security systems, administering security policies, investigating and recommending security technologies and performing security investigations. In your role, as a Security Engineer, you address the most complex issues and develop recommendations and plans to resolve them. This is a challenging position working in a fast paced environment, with the opportunity to utilize your experience as a subject matter expert to positively influence not only the team objectives, but the business units as well.
What You''ll Do
In this highly visible role as a Security Engineer, you will:
· Perform security audits of infrastructure systems'' security, maintain compliance against vulnerability assessments.
· Manage, configure, administer and maintain security information and event management tooling and processes surrounding it. Proactively monitor and respond to incoming alerts.
· Troubleshoot escalated, extended, or recurring issues, evaluate the impact of current security advisories and publications, support fellow Cisco employees with security advice and guidance.
· Oversee external penetration testing.
· Conduct internal white box penetration tests at regular intervals.
· Responsible for ensuring compliance with security standards, internal and external policies,
· Documentation and educational programs/training.
· New feature testing for a global network and data center infrastructure.
· Responsible for identifying security related gaps/deficiencies and to formulate and present sound recommendations for remediation.
· Work with DevOps teams to help decipher vulnerabilities, apply risk assessment and suggest mitigation direction.
· Provide technology solutions input and recommendations to address technology issues, working closely with our technical leads, security architects and SME''s.
· Implement hardening techniques and layered-defense strategies for operating systems, databases, web servers and web services.
· Security As Code – leverage automation and scripting to improve our security posture through efforts such as reducing manual activities that may introduce gaps in compliance, increase time to remediation and so on.
· Improve security processes for vulnerability management and security incident management.
· Provide on-call escalation operations support for the infrastructure group.
Required Skills
· Two years'' experience in one of the following roles: security, system administration or development.
· The qualified candidate should have a proven track record working at a global scale of one of the following: implementing security solutions, administering servers or developing software.
· Demonstrated working knowledge and proficiency in security technologies, policies and risk assessment.
· Experience with vulnerability management tooling (such as Qualys, Nessus) a plus.
· Working knowledge and proficiency in operating systems (particularly Linux, Windows and to a lesser extent FreeBSD
· Expertise in scripting/automation is a must (particularly Python
· Expertise in network and system based attacks and mitigation. network intrusion detection and prevention skills.
· Expertise in network-related protocols (e.g., TCP/IP, IPsec) strongly preferred.
· Excellent verbal, presentation and written communications skills. Ability to communicate with technical, non-technical, and senior management audiences.
· Security certifications such as CISSP, GIAC, CCNP are a plus but not required.