Security Engineer
Our client in Waltham, MA has a Temp to Hire contract opening for a Security Engineer.
The Security Engineer serves as a subject matter expert in many areas of security, and MUST be able to describe and document in business terms the impact of security policies, standards, and architecture.
Will coordinate with the Security Architect on identifying existing security services that can be leveraged by the project and identify gaps in the business requirement that will need new security services to be able to meet the security controls identified in an aggressive timeframe.
Perform security risk assessments to determine level of security services Implement security designs by working with the security architect in leveraging policies, standards, and patterns including controls to support the specific project requirements.
Provide testing scenarios to the project team ensuring the security controls are in place as required.
Elevate residual risk to be included in the risk register and approved by the key stakeholders where they cannot be mitigated or addressed.
Provide security direction to the business and project stakeholders to ensure that security is a key focus for all projects and new business initiatives.
Knowledge, Experience & Technical Know How:
- Strong background in security architecture including a deep knowledge of IT network security (secure LAN, WAN, vLAN, MPLS, and secure network zoning and restricted network design) and cloud-based technologies, - Strong knowledge and experience designing and implementing technical security solutions such as secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention and identity management solutions both internally and within cloud provided services, with CASB products a plus.
- Able to translate business and non-functional requirements to establish security controls so that a proper security design can be architected and to document the security solutions for communications and enduring documentation.
- Previous experience identifying and addressing security requirements within the AGILE Project Framework method.
- Strong knowledge of data and information flows, information governance, and network protocols.
- Experience of designing and incorporating technical security controls that align to NIST 800-53r4 - Experience of designing and managing security controls within service providers and the cloud.
- Appreciation of wider information security related principles, likely to be gained in industry or from a consultancy background.
- Prepared to challenge business and IS colleagues and have the difficult conversations where needed - Strong communication, leadership and partnering skills.
- Familiarity with EA Sparx a plus - Proven track record of successfully delivering business requirements to time and budget constraints.
- Able to operate as a highly independent worker and as part of a strong team/collaborative approach.
- Prior utility industry experience preferred, including knowledge of customer, ERP, asset management, and analytics.
- Familiar with security application lifecycle process frameworks including NIST 800-64.
Qualifications Required:
- BS Degree - Information Security Qualifications such as CISSP, ISSAP, and SABSA practitioner preferred.
- Security Qualifications such as SANs, CCNA, CCNP.
- Familiar with various controls including NIST Experis is an Equal Opportunity Employer (EOE/AA).
Estimated Salary: $20 to $28 per hour based on qualifications.
The Security Engineer serves as a subject matter expert in many areas of security, and MUST be able to describe and document in business terms the impact of security policies, standards, and architecture.
Will coordinate with the Security Architect on identifying existing security services that can be leveraged by the project and identify gaps in the business requirement that will need new security services to be able to meet the security controls identified in an aggressive timeframe.
Perform security risk assessments to determine level of security services Implement security designs by working with the security architect in leveraging policies, standards, and patterns including controls to support the specific project requirements.
Provide testing scenarios to the project team ensuring the security controls are in place as required.
Elevate residual risk to be included in the risk register and approved by the key stakeholders where they cannot be mitigated or addressed.
Provide security direction to the business and project stakeholders to ensure that security is a key focus for all projects and new business initiatives.
Knowledge, Experience & Technical Know How:
- Strong background in security architecture including a deep knowledge of IT network security (secure LAN, WAN, vLAN, MPLS, and secure network zoning and restricted network design) and cloud-based technologies, - Strong knowledge and experience designing and implementing technical security solutions such as secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention and identity management solutions both internally and within cloud provided services, with CASB products a plus.
- Able to translate business and non-functional requirements to establish security controls so that a proper security design can be architected and to document the security solutions for communications and enduring documentation.
- Previous experience identifying and addressing security requirements within the AGILE Project Framework method.
- Strong knowledge of data and information flows, information governance, and network protocols.
- Experience of designing and incorporating technical security controls that align to NIST 800-53r4 - Experience of designing and managing security controls within service providers and the cloud.
- Appreciation of wider information security related principles, likely to be gained in industry or from a consultancy background.
- Prepared to challenge business and IS colleagues and have the difficult conversations where needed - Strong communication, leadership and partnering skills.
- Familiarity with EA Sparx a plus - Proven track record of successfully delivering business requirements to time and budget constraints.
- Able to operate as a highly independent worker and as part of a strong team/collaborative approach.
- Prior utility industry experience preferred, including knowledge of customer, ERP, asset management, and analytics.
- Familiar with security application lifecycle process frameworks including NIST 800-64.
Qualifications Required:
- BS Degree - Information Security Qualifications such as CISSP, ISSAP, and SABSA practitioner preferred.
- Security Qualifications such as SANs, CCNA, CCNP.
- Familiar with various controls including NIST Experis is an Equal Opportunity Employer (EOE/AA).
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
