Title: Principal Cybersecurity Engineer/Jr. Cybersecurity Architect
Location(s): Atlanta GA / Dallas TX / Kansas City MO
Duration: 6 Months (with possible extension)
Description:
Client is looking for a candidate who will help ensure that the client's software systems and infrastructure are designed and implemented to the highest security standards. Performs technical security assessments, code reviews, and vulnerability testing to highlight risk and remediate associated findings while helping client teams and partners improve security. Works closely with other client Engineers to design and build proactive methods to enhance our security posture.
This position serves as a subject matter expert who drives vision and results to enhance security posture within mobile device, IoT device, enterprise line-of-business applications, cloud, big data, and core and carrier network technologies, as well as other business units as needed, and acts as a Principal security advisor to cross-functional teams for the successful delivery of projects or services to enterprise customers.
Responsibilities:
Leads information security review of new technologies, designs, and remediation planning efforts.
Collaborates with Engineering & Operations Teams to address security vulnerabilities found via PSIRTs, scans, or breaches.
Investigates and/or leads identifying security needs & recommends plans/resolutions. Implements, tests & monitors info security improvements.
Significant experience with the analysis of underlying technologies that form the solution, necessary for the application of threat identification, analysis, and threat model design. The threat model depicts trust boundary, threat agent(s), threat vector(s), and safeguard(s) necessary to protect person, asset, data, and brand.
Significant experience with implementation of various threat modeling approaches pertaining to one or more of the following: STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC.
Mobile Application threat model, Cyber Threat Tree, and data flow diagram.
Subject matter expert in multiple facets of network & information security, including Firewall policy design, SSL Certificate management, vulnerability analysis & mitigation, and other topics as assigned.
Advanced understanding of IP/Security solutions & technologies applicable to the Wireless Network Architecture.
Subject matter expert in all facets of network & information security, including Firewall policy design, SSL Certificate management, vulnerability analysis & mitigation, and other topics as assigned.
Ability to create technical specifications and requirements and to work independently with no direction/supervision. Able to quickly adapt to new or evolving technologies related to new products & services requiring validation or research.
Strong verbal and communication skills with diverse cross-functional groups. Ability to present advanced concepts to leadership, peers, and others in subordinate roles.
Understanding of load balancers (e.g. A10, F5), firewalls (e.g. CheckPoint), Venafi, MDM (e.g. Mobile Iron), Cloud (e.g. AWS, Azure), Malware Protection (e.g. FireEye), Advanced Persistent Threats (e.g. Damballa), Privileged Accounts (e.g. CyberArk), SIEM (e.g. ArcSight), Log & Event (e.g. Splunk), Intrusion IDS/IPS (e.g. Symantec)
Cloud Platform (e.g. PCF, Docker), Scanning (e.g. Qualys), AppSec (e.g. Veracode)
Advanced knowledge of scripting tools (Python/Perl/Shell/HTML/PHP)
Knowledge of federal & compliance regulations, e.g. SOX, PCI & CPNI
Working knowledge of web application development, RESTful APIs, and skills in Java frameworks, Python, Node.js.
Experience with mobile applications and handset security.
Mandatory Areas:
Must Have Skills
Cyber Security: 10 Years
Java frameworks, Python, Node.js: 5 Years
Threat Modelling like STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC: 5 Years
SSL: 8 Years
Firewall policy design: 5 Years
Vulnerability analysis & mitigation: 5 Years
Understanding of load balancers (e.g. A10, F5), firewalls (e.g. CheckPoint), Venafi, MDM (e.g. Mobile Iron), Cloud (e.g. AWS, Azure), Malware Protection (e.g. FireEye), Advanced Persistent Threats (e.g. Damballa), Privileged Accounts (e.g. CyberArk), SIEM (e.g. ArcSight), Log & Event (e.g. Splunk), Intrusion IDS/IPS (e.g. Symantec): 5 Years
Cloud Platform (e.g. PCF, Docker), Scanning (e.g. Qualys), AppSec (e.g. Veracode): 5 Years