The Senior Security Engineer is an individual contributor with broad based knowledge in multiple domains of information security, translating security architecture designs received by them into infrastructure or service based solutions predicated on lowering our customer’s exposure to unnecessary risk, and elevating the level of protection for electronic and physical assets. This role can be focused on a single client and a single project or can span across multiple clients or projects as assigned over time. This role may be both tactical and strategic in focus and in large part, executes designs and plans working in concert with a Solutions Architect.
What You Can Expect When You Apply
- Lead select security implementation projects with expertise in web, application, cloud and network security
- Assist customers in forming responses and action plans to external and internal audits and external security assessments.
- Participate and lead security risk assessments, penetration tests, and helping to diagnose and isolate internet, intranet and extranet intrusion attempts.
- Work closely with customer defined DevOps and Engineering staffs to proactively identify and fix or patch security flaws and vulnerabilities.
- Recommend and assist in the application of security “templates”, that is hardened build instructions for both network and servers
- Recommend and assist in the coordination of disaster recovery procedures in the event of a security breach.
- Research emerging technologies in support of security enhancement and development efforts.
- Implement new technologies (to the customer) based off their future state architecture designed to improve security posture and lessen exposure to various threat conditions
- Perform security based upgrades, new installations, enhancements and configuration changes to compute and network components
- Based on project statement of work, monitor daily operations and troubleshoot security problems remotely or on-site
- Implement security tools and systems (Intrusion Detection System, Intrusion Prevention System, Virtual Private Network, Web Application Firewall, Data Loss Prevention, Endpoint Protection, Enterprise Detection and Response, honeypots, SIEM, Vulnerability Scanners, Web Proxies, Forensic toolkits, Multi-Factor Authentication, key management) in customer heterogeneous computing environments that make span on-premises, colocation, private and public cloud computing environments
- Perform security reviews of server/network/web application design within a virtualized environment and ensure compliance with organizational security policies, compliance objectives or security best practices.
- Test physical and logical access control methods for efficacy and understanding across the customer’s environment
- Prescribe and educate customer tooling to detect, investigate and recover from security incidents as well as assisting with incident response planning
- Responsible for raising company-wide security awareness and monitoring information security related web and social sites to stay up to date on current attacks and trends.
- Analyze potential impact of new threats and exploits and communicate risks to relevant business units/IT staff
- Participate and provide technical input in meetings with account team including colleagues, managers and account managers regarding account status, ongoing issues and solutions.
When your application is received, we will review it to see if you would be a potential fit for this role or other similar openings we may have available. If that’s the case, you will hear from us shortly. If not, your resume will be in our database and we will reach out when appropriate opportunities become available.
Pinnacle Recruiting & Staffing LLC is headquartered in Troy NY and provides talent to technology organizations across the United States. Founded by experienced recruiters who have worked for the largest staffing firms in the world, we leverage that experience to provide the highest level of service to our clients and candidates, while still retaining the flexibility and personal touch of a smaller firm.