The Senior Security Engineer will ensure and maintain its Strong Security Posture, compliance with regulations and safeguard our customer’s data. This includes checking server and firewall logs, scrutinizing network traffic, establishing and updating vulnerability scans. This person will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required.
Strategy & Planning
Help maintain, and oversee enforcement of policies, procedures and associated plans for system security administration and user system access based on industry-standard best practices.
Assess need for any security reconfigurations (minor or significant) and execute them if required.
Keep current with emerging security alerts and issues.
Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
Assist with the monitoring of all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.
Manage and ensure the security of databases and data transferred both internally and externally.
Assist or oversee penetration testing of all systems in order to identify system vulnerabilities.
Design, implement, and report on security system and end user activity audits.
Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.
Recommend, schedule (where appropriate), and apply fixes, security patches, any other measures required in the event of a security breach.
Download and test new security software and/or technologies.
Manage and/or provide guidance to junior members of the team.
Ability to effectively prioritize and execute tasks in a high-pressure environment.
Ability to conduct research into security issues and products as required.
Process Access Request tickets based on departmental and firm polices.
College degree in the field of computer science or related discipline.
Working knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.
In-depth technical knowledge of network, and platform operating systems,
Working technical knowledge of AWS.
Strong knowledge of TCP/IP and network administration/protocols.
Working knowledge of Python.
Intuition and keen instincts to pre-empt attacks.
High level of analytical and problem-solving abilities.