Job Description :
Company Overview:

Creating value by bringing together the right people to achieve results is our motto. Our clients and employees say they choose to work with us because of how we work with them - with service that exceeds their expectations and a personal commitment to their success.

Our client, one of the largest distributors of natural gas in the northeast US, serving customers in NY, MA, and RI seeks an accomplished Security Engineer.


Description:
The Security Engineer serves as a subject matter expert in many areas of security, and is able to describe and document in business terms the impact of security policies, standards, and architecture.
This person will provide security direction to the business and project stakeholders to ensure that security is a key focus for all projects and new business initiatives.
Appreciation of wider information security related principles, likely to be gained in industry or from a consultancy background.
Prepared to challenge business and IS colleagues and have the “difficult conversations” where needed in the interests of Client.
Able to operate as a highly independent worker and as part of a strong team/collaborative approach.
This role has a significant impact on defining security requirements and ensuring that all projects meet these requirements, or that exceptions and issues are noted and remediated as appropriate.
Perform security risk assessments to determine level of security services to include.
Implement security designs by leveraging policies, standards, and patterns including controls to support the specific project requirements.
Estimate costs for the security services to be included in the design appropriate to the risks identified.
Provide testing scenarios to the project team ensuring the security controls are in place as required.
Elevate residual risk to be included in the risk register and approved by the key stakeholders where they cannot be mitigated or addressed.

Requirements:
Educated to degree level (or equivalent combination of education and experience
Information Security Qualifications such as CISSP, ISSAP, and SABSA practitioner preferred.
Security Qualifications such as SANs, CCNA, CCNP.
Familiar with various controls including NIST and NERC CIP
Strong background in security architecture including a deep knowledge of IT network security (secure LAN, WAN, vLAN, MPLS, and secure network zoning and restricted network design), database, operating system and application security.
Strong knowledge and experience designing and implementing technical security solutions such as secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention and identity management solutions.
Strong knowledge of data and information flows, information governance, and network protocols.
Experience of designing and incorporating technical security controls, including for SAP.
Experience of incorporating security controls at each stage of the software development lifecycle process.
Experience of designing and managing security controls within service providers and the cloud.
Experience of security hardening techniques and policy development, particularly operating system hardening (e.g. Windows, UNIX, Oracle
Prior utility industry experience preferred, including knowledge of Critical National Infrastructure (CNI Familiar with security application lifecycle process frameworks including NIST 800-64.
Able to translate business and non-functional requirements to identify the security design and to document the security solutions for communications and enduring documentation.



I''d love to talk to you if you think this position is right up your alley.

If you''re looking for rewarding employment and a company that puts its employees first, we''d like to work with you. We''re driven, people driven. We also offer group health Insurance (employee paid on a pre-tax basis

NOTE: “Candidates that are offered a position are required to pass pre-employment drug and background screening”