Security Engineering - Security Engineer II

send resumes to fredrick@jjcpl.net

Title :Security Engineering - Security Engineer II

Location :Owings Mills, Maryland

Duration :10+Months

Rate ;$50/hr

Job description :

The Sr. Network Security Engineer is responsible for the architecture, implementation, operation and maintenance of mission-critical enterprise security infrastructure solutions. This highly visible position will focus on the implementation of next generation firewall technology, which includes a large-scale device and DMZ consolidation. The Sr. Network Security Engineer will also play an integral role in the deployment and tuning of a new Intrusion Prevention systems, as well as to further expand the current vulnerability management services.

Essential Functions:

1. Design Information Security solutions using industry standard best practices, regulatory guidelines.

2. Ensure all security solutions and designs meet local and federal compliance requirements such as HIPAA, SOX, GLBA, FFIEC and PCI DSS.

3. Develop project, implementation and test plans.

4. Research and evaluate security technologies.

5. Implementation, monitoring and tuning of numerous security technologies including Next Generation Firewalls, IPS devices, Web Application Firewalls, Vulnerability Scanners etc..

6. Assist in monitoring, investigating, documenting and resolving identified security weaknesses, and recommend documented solutions for improvement.

7. Maintain an exceptional level of documentation including diagrams, security standards, manuals and white papers.

8. Lead cross-domain, cross-functional matrix project teams to implement solutions according to established milestones and budgets.

9. Efficiently manage multiple simultaneous projects

10. Provide accurate and timely reporting on all project deliverables.

11. Candidate will be expected to participate in an on-call rotation.

12. Ability to effectively communication both technical and non-technical users.

Required skills and abilities:

1. Networking hardware - routers, switches, load balancers, etc.

2. Next generation firewalls and application identification and tuning. Experience with Palo Alto Networks is highly desirable

3. Web Application Firewalls - F5 Application Security Manager (ASM)

4. Wireless network security devices such as AirTight or Motorola AirDefense

5. SSL VPNs - Cisco ASAs, Juniper IVEs, F5 FirePass

6. Next generation transparent remote access solutions such as Microsoft UAG or F5 BIG-IP Edge Gateway

7. PKI – CyberTrust, RSA, Entrust, Trustwave, Microsoft CA

8. IPS technology – experience with with Sourcefire 3D, RNA and RUA preferred

9. Vulnerability management – Nessus, nCircle, Rapid7

10. Forensics systems and techniques such as HBGary, Encase, FTK, etc

11. Application execution control such as with CoreTrace, Bit9, Microsoft AppLocker, or Verdasys

12. SIEM such as ArcSight, Q1 Labs, RSA envision or LogLogic.

Experience with one or more scripting/programming language on the list:

1. Python (preferred)

2. Perl

3. Shell scripting

4. VBScript

5. .NET

6. PowerShell

Qualifications/Credentials:

A Bachelor’s degree in Engineering, Computer Science or an equivalent combination of education and work experience is required.

Desirable certifications:

CISSP

GIAC Certified Firewall Analyst (GCFW)

GIAC Certified Enterprise Defender (GCED)

GIAC Certified Intrusion Analyst (GCIA)

Sourcefire Certified Professional (SFCP) or Sourcefire Certified Expert (SFCE)

Business Justification: Supports ASOP program (CI). Position completely funded through the CI (cost center 004M7).