Job Description :
CISCO SECURITY ENGINEER
Location – Quincy, MA
Length – 1+ year
Commonwealth of MA
Advise MassDOT in the development of new technology and tools throughout a project lifecycle, and support remediation of security vulnerabilities.
DUTIES & RESPONSIBILITIES:
Systems Requirements Planning
Enable secure systems by evaluating network and security technologies, including local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; support the design of public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhere to industry standards. Possess a knowledge of various architectures to include cloud, Hybrid and on premises.
Systems Security Architecture
Provide information security guidance and architectural support to customers throughout a project utilizing a risk based approach.
Advise on the implementation of security technologies to strengthen IT architecture.
Work with system owners to ensure that appropriate security controls are designed, documented and implemented.
Identify security gaps in design and process for existing and proposed architecture(s) and recommend changes or enhancements.
Document and maintain a log of information security risks associated with projects.
Support the management and maintenance of security elements to ensure strong configuration.
Vulnerability management program - Advise on the remediation, criticality and patching of vulnerabilities.
Create solutions that balance business requirements with information and cyber security requirements using a risk based approach.
Recommend tools and solutions for the protection of users, employees, data, and state records at rest and in transit.
Support the secure deployment and architecture of system(s) consisting of but not limited to on premise, hybrid and cloud based solutions.
General
Stay abreast of information security issues and regulatory changes affecting information technology and transportation at the state and national level.
Update job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
Respond to each inquiry, whether from a customer, vendor or co-worker in a courteous and professional manner.
Perform related duties and projects as assigned.
Provide on-call support as needed.
Be willing and able to drive a company or personal vehicle to assist at emergencies and/or events as needed.
Perform special projects and other duties as assigned.
Have a general understanding of current Laws, Articles and Regulations regarding Massachusetts residents data.
QUALIFICATIONS:
Bachelors degree in related technical or engineering field or supplemental professional experience. Relevant experience can be substituted for degree.
Knowledge of or experience with security architecture framework.
Knowledge on threat landscape, security threat and vulnerability management, as well as security monitoring and analytics.
Knowledge in compliance frameworks and requirements such as PCI, HIPAA, SOX, etc.
Demonstrated ability to perform a risk-based approach to securing applications, databases, or infrastructure.
Demonstrated process orientation the ability to build repeatable and reusable processes.
Excellent verbal and written communication skills.
PREFERENCES INCLUDE:
CISSP, CISSP-ISSAP, CISSP-ISSEP, CEH, Security + or equivalent certification preferred.