Sr Security engineer
Sr Security engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
SUMMARY
Security professionals with extensive handson experience on PKI technology and market trends assess the impact of emerging security threats on the enterprise risk level recommend technology direction and/or adjustments to incorporate in the business plans. Consults with other members of team client and end users to identify PKI requirements and develop requirements documentation.
PROFESSIONAL SUMMARY
High performing and selfmotivated extensive professional experience in designing implementing and managing PKI and security solutions.
Solid understanding of PKI concepts and security properties.
Support PKIbased products (including Web servers and certification authorities) and Common PKIbased protocols (including SSL and TLS HTTPs or LDAPs).
Experience with certificate authority (CA) implementation in compliance with the Federal PKI (FPKI) Common Policy Authority.
Review patch the Red Hat Certificate System source code for defects.
Develop Red Hat Certificate System source code to implement new capability.
Strong expertise in PKI Engineering Support and troubleshooting.
Experience with HSM design and implementation.
Working knowledge with OSI layer 27 security tactics and different kinds of attacks.
Demonstrated abilities in working with team to deliver projects to clients within specified timeframe and as per specifications.
RESPONSIBILITIES
Support and mature Deltas PKI (Public Key Infrastructure) program including strategy governance implementation operations and continuous alignment with compliance and regulatory requirements.
Engage with system owners business teams and IT stakeholders in strategic discussions to provide best in class PKI security strategy and industry guidance to maximize longterm business objectives.
TECHNICAL SKILLS DETAIL
Good working experience with scripting platforms (PowerShell Batch Json Python YAML etc)
Expert in PKI design implementation administration and provisioning in AWS. Extensive experience in AWS PKI services: KMS CloudHSM ACM CloudFront Secrets Manager CloudTrail
Experience with PKIbased products (including Web servers and certification authorities) and Common PKIbased protocols (including SSL and TLS HTTPs or LDAPs).
A solid understanding of Public Key Infrastructure (PKI) including technology standards and implementations with experience managing configuring or supporting a PKI certificate authority
Experience with certificate authority (CA) implementation in compliance with the Federal PKI (FPKI) Common Policy Authority.
Conduct technical research and set cloud security direction and strategy
Experience in automating certificate renewal and certificate life cycle management.
Experience with Microsofts PKI Technologies and latest Windows and Linux server platforms.
Experience with integration of Venafi with Microsoft PKI Technologies and Public PKI Providers.
Experience on IBM Mainframe platforms Encryption (TKE UKO SGKLM etc).
Experience in areas such as identity management provisioning authentication authorization certification/governance monitoring along including HSPD12 compliance.
Experience developing and implementing IT Contingency Plans.
Strong communication skills.
Strong attention to detail.
Keen diagnostic and problem solving skills.
TECHNICAL/PROFESSIONAL CERTIFICATIONS & SKILLS (PREFERRED)
Bachelors Degree in Information Security Computer Science or related field.
5 years of professional experience in PKI Venafi digital certificates management IBMMainframe Scripting and Information Security domains.
Experience with Agile software development methodologies.
Preferred one or more certifications: CISSP AWS Cloud Certificates CISM or other Cyber Security related certification.
Responsibilities:
Responsible for the design testing evaluation implementation support management and deployment of security systems/devices used to safeguard the organizations information assets. Also responsible for analyzing the information security environment and assisting with the development of security measures to safeguard information against accidental or unauthorized modification destruction or disclosure. Works with the technical team to recover data after a security breach. Configures and installs firewalls and intrusion detection systems. Develops automation scripts to handle and track incidents. Investigates intrusion incidents conducts forensic investigations and mounts incident responses. Delivers technical reports and formal papers on test findings. Installs firewalls data encryption and other security measures. Maintains access by providing information resources and technical support. Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements. Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations. Accomplishes information systems and organization mission by completing related results as needed. Builds deploys and tracks security measurements for computer systems and networks. Mitigates security vulnerabilities by implementing applicable solutions and tools. Performs vulnerability testing risk analyses and security assessments. Collaborates with colleagues on authentication authorization and encryption solutions. Tests security solutions using industry standard analysis criteria. Responds to information security issues during each stage of a projects lifecycle. Performs risk assessments and testing of data processing systems. Establishes system controls by developing framework for controls and levels of access; recommending improvements
Establishes computer and terminal physical security by developing standards policies and procedures; coordinates with facilities security; recommends improvements. Safeguards computer files by performing regular backups; developing procedures for source code management and disaster preparedness; recommends improvements. Determines the sensitivity of the data in order to recommend the appropriate security needs. Develops proposals for and consider cost effective equipment options to satisfy security needs. Communicates with the technical team management team and users companywide if data security is breached. Designs infrastructure to alert the technical team of detected vulnerabilities. Evaluates new technologies and processes that enhance security capabilities. Supervises changes in software hardware facilities telecommunications and user needs. Defines implements and maintains corporate security policies. Analyzes and advises on new security technologies and program conformance. Creates tests and implements network disaster recovery plans. Recommends security enhancements and purchases. Trains staff on network and information security procedures. Develops security awareness by providing orientation educational programs and ongoing communication. Recommends modifications in legal technical and regulatory areas that affect IT security.
Employment Type
Full Time
