Security Engineer I
The Security Engineer will be a part of the SPR IT Security team responsible for leading the F5 Application Security Manager (ASM) implementation. They will partner with different groups and build relationships with the network and application teams.
Work Hours: 8:00am - 5:00pm
- Primary resource for F5 ASM WAF Implementation, configuration, and administration.
- Partner with SPR IT Network team on various projects including F5 implementation.
- Write security reports and make recommendations as needed.
- Ensure compliance with organizational security rules and standards.
- Coordinate and execute IT security projects
- Coordinate response to information security incidents
- Conduct company-wide audits and manage remediation plans
- Conduct research to keep abreast of latest security issues
- Prioritize remediation of gaps based on internal and external audits
- Prepares compliance reports by collecting, analyzing, and summarizing data
- Ability to interpret information security data and processes to identify potential compliance issues
- Ability to quickly understand security systems in order to identify and validate security requirements
- Bachelor Degree (or equivalent work experience and Certifications) in) in Computer Science, Engineering, Information Technology
- Minimum of 5 years of hands on experience with F5 modules to include LTM, GTM, and ASM.
- Minimum of 5 years of information systems security or related auditing experience
- Preferred certifications: CEH, Security+, CISSP
- Must possess Enterprise VPN/Firewall Security, Advanced Malware Appliance, Security Incident and Event Management Appliance, Cisco SourceFire IPS with Network Amp and FireAmp, and Data Loss Prevention knowledge
- Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone
- Must be able to build and maintain relationships with different groups in order to effectively complete projects
- Expert knowledge of networking required
- Experience with firewalls, routers, load balancers and DMZ silos
- Strong analytical, technical, and problem-solving skills
- Ability to work effectively, independent of assistance or supervision
- Innovative, creative, and extremely responsive, with a strong sense of urgency
- Willing to share knowledge and assist others in understanding technical and business topics
- Willingness to work outside of regular business hours as required which can include evenings, weekends and holidays
- Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
- Demonstrated experience of “hands on” security knowledge of one or more of the following platforms: Windows/Unix/Linux
- Experience with DNS, NTP, Citrix, and TACACS
- Working knowledge of protocols and technologies such as TCP, UDP, SSL, FTP, SMTP, NetBIOS and DHCP
- At least one technical certification related to a major platform (IBM, Microsoft or Cisco)
- Experience with performing vulnerability scans and assessments as well as computer forensics
- Familiarity with SOA governance and policy management best practices
- Information Security best practices and common processes.
- Knowledge of Windows and UNIX/Linux vulnerabilities and exploits
- A solid understanding of various firewalls, with actual experience in design, installation, configuration, and operation
- Knowledge of network protocols, data flows, and vulnerabilities within a TCP/IP environment
- Ability to perform network protocol analysis and raw data capture
- A solid understanding and knowledge of LDAP
- Knowledge of OWASP, ISO 27001/2, PCI-DSS
- Self-motivated, self-directed and shows attention to detail while working
- Completes work in a timely manner and meets deadlines
- Contributes to building a positive team spirit and treats others with respect
- Maintains confidentiality of information and uses information appropriately
- Exhibits sound judgment when making decisions and recommendations
- Fosters collaboration toward a common vision and shared goals
Ability to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental regulations. Ability to write reports, business correspondence, and procedure manuals. Ability to effectively present information and respond to questions from groups of managers, clients, customers, and the general public. Must be able to communicate well with staff to insure that all understand tasks, priorities, and schedules. Must be able to communicate well with end users/customers to help resolve issues.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is occasionally required to stand; walk; sit; use hands to finger, handle, or feel; reach with hands and arms; stoop, kneel, crouch, or crawl; and talk or hear. The employee must occasionally lift and/or move up to 50 pounds.
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job the employee is regularly required to use hands to finger, handle, or feel; reach with hands and arms; talk or hear and taste or smell. The employee is frequently required to stand; walk and sit.
The employee is occasionally required to lift up to 50 pounds. The vision requirements include: close vision, distance vision, peripheral vision and ability to adjust focus.
The noise level in the work environment is usually moderate.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.