Find A Job › Information Technology

SEARCH:

Security Engineer

  • Location: Raleigh-Durham, NC
  • Job Type: Contract
  • Ref No: 19-06072
  • Date: October 11, 2019
  • Job title:
Questions about this job listing? Contact the recruiter now.

Job Description - Security Engineer

Client is looking for a Security Engineer for *** in Durham, NC.

Position Overview

Raise the security bar for FI Web Tech by monitoring ongoing processes and performing other activities related to secure code reviews including analysis of results and derivation of statistics. Work with the team to implement controls and/or solutions to specific business problems to ensure risks and exposures are properly mitigated, provide basic technical assistance on risk-related systems issues, and assist the business unit liaison for information risk management program.

Position Details

Lead testing efforts on FI Portal applications

Keep current with the subsystems on new/changing features of applications

Working with the subsystem SMEs, learn the navigation paths through the applications

As needed, perform application walk throughs for PEN testing.

Application testing

Replicate the actual techniques and tools used by malicious attackers in an effort to model potential external threats.

Analyze test results, draw conclusions from results, and develop targeted exploit examples

Upon completion of the assessment, manage statistics and prepare reports

Communicate findings to the subsystems

Consult with subsystem teams to ensure potential weaknesses are addressed

Monitor progress for finding remediation

Manage proactive Static Code reviews

Replicate the actual techniques and tools used by malicious attackers in an effort to model potential external threats.

Analyze test results, draw conclusions from results, and develop targeting exploit examples

Perform analysis and make recommendations for resolving issues

Support ad hoc data analysis requests

Manage ECS (static and pen code reviews) submissions

Prepare and submit ECS code reviews

Analyze incoming findings for validity

Deep-dive code analysis for additional details – root cause analysis of issues

Assign findings to subsystems

Partner with subsystems to implement plans for remediation

Work with the team to define requirements and influence security strategy

Analyzing and assessing potential security risks, developing plans to deal with such incidents by putting measures in place such as monitoring and auditing systems for abnormal activity, and executing corrective actions.

Perform analysis and make recommendations (e.g. in partnership with other  organizations, evaluate vendor security products from an incident response life cycle perspective; review impact of information systems to determine if they add value in assessment of risk; review and comment on security architecture

Manage solutions to accommodate new event sources, automate event analysis, and correlate events for investigations

Miscellaneous

Collaborate with the static code scanning and Security Analyst to provide holistic view of the state of application security

Contribute to the research or development of tools to assist in the vulnerability discovery process

Collaborate with other teams within Enterprise Cybersecurity to improve the overall security of the firms applications and infrastructure

Stay current on security best practices and vulnerabilities Communicate status (e.g. report on progress against technical plan; timely escalation of issues and risks; ability to explain technical solutions to a non-technical audience)

Maintain data for statistical analysis




Related Job Listings

Job Location Type Posted  
CISCO ISE Engineer ( REMOTE ) Raleigh, NC Direct Placement November 25
Solutions/ Systems Architect Raleigh-Durham, NC Contract November 25
Corporate Recruiter Hickory, NC Contract November 08
Wires/Cross Border Payments Subject Matter Expert charlotte, NC Direct Placement November 06
Python Developer Durham, NC Contract October 24