Lead Security Engineer - (US-MA-Natick)
Lead Security Engineer - (US-MA-Natick)
Compensation: $135K - $150K / Year
Minimum Education: Bachelors
Job Type: Full Time
Jobcode: JBMSJA1
Provide subject matter expertise in information security disciplines supporting the design of our security technology architecture and implementation of security solutions. This position will establish, document, manage and disseminate information security architectural methodologies, policies, standards and baseline across all IT departments.
Participate on the Enterprise Architectural Board (EAB) to drive overall technology direction for security in defining the strategic view of Corporate IT & Business needs by reviewing proposed programs and projects referred by the EAB and PMO.
Identify security risks, threat and vulnerabilities of networks, systems, applications and new technology initiatives and provide direction to security engineers and project teams on building the appropriate information security controls into systems in development aligning them to enterprise security goals.
This position is responsible for identifying solutions, product/vendor evaluation, selection and procurement, development, migration, deployment and oversight including perimeter defense, Firewall Management, Endpoint security, Intrusion detection, Encryption, Wireless, VPN, Access control, data protection and integrity across platforms and applications.
Provide direction to security engineers on improving and maintaining the appropriate information security controls.
Serve as the point of contact for technical guidance, procedural questions and advanced level troubleshooting issues.
Perform other duties and/or responsibilities as assigned.
Requirements:
A minimum of 6-8 years experience within an Information Systems organization, with a concentration on Network Communications, System applications, Security Review and Assessments, Vulnerability Management, Penetration testing, or Encryption Methodologies, is required.
A Bachelors degree in Computer Science or related field is preferred and equivalent work experience will be considered.
A CISSP or CISA certification is a plus.
Must have knowledge and experience with:
(1) Firewall Management and Configuration Expertise;
(2) Security event Monitoring;
(3) Vulnerability Management;
(4) User provisioning;
(5) Single-sign on;
(6) Federation, Extranet Access Mgmt, and Directory solutions.
Direct experience with information security at the enterprise level and knowledge of Identity and Access Management (IAM) solutions are essential.
Knowledge of regulatory requirements and compliance issues specific to security and data protection required.
Must demonstrate proven skills in gathering and documenting business and functional requirements, system testing and configurations to contribute to the selection, deployment and maintenance of security solutions.
Must have good Microsoft Office skills, including Excel, Word, PowerPoint, Visio, Access.
Experience with technology vendors, direct customer or user contact and positive communication skills is required.
Knowledge of scripting techniques (Perl, Shell, etc.) or programming languages (J2EE, C, SQL, HTML) desired.
Knowledge of network infrastructures, including firewalls, VPN's, Intrusion Detection Systems, penetration testing and vulnerability assessment strategies, file and session encryption and cryptography methods, web application and device security is required.
Email resume in Word to TheBigGameHunter@cisny.com. Please include the job code for the position with your resume.
NO VISA TRANSFERS. NO OVERSEAS RESUMES. NO 3RD PARTIES.
To receive a complimentary subscription to my job search ezine, No B.S. Job Search Advice, go to www.jeffaltman.com to subscribe. Receive tweets about consulting assignments; subscribe to USConsulting on Twitter
9 East 37 Street
New York, NY 10016