
 

Lake Forest Illinois - $125k-140k + Bonus Full Time Posted: Thursday, 18 April 2019
 
 
Applicants must be eligible to work in the specified location

Senior Security Engineer
$125k-140k + Bonus

*Can be located in Lake Forest, IL or Chicago, IL*.

Prestigious Fortune 500 Firm is seeking a Senior Security Engineer. This individual devises solutions to complex security and business needs while aligning with Company strategies, policies, standards, guidelines and procedures. This individual highlights and leads the remediation of significant gaps in the security of a large enterprise.

Creates solutions for cross-enterprise complex problems in the areas of:

Application Security

Infrastructure/Endpoint Security

Cloud Security

Database Security

Gives guidance to and mentors SOC Analyst and Engineers. Provides guidance and security consulting services to IT leadership.

Principal Duties & Responsibilities:

Provide Level III Support for escalated tickets from SOC and other engineering teams

Collaborate with other teams as necessary to ensure customer service levels are met

Design and development of Security Solutions to protect Company IT assets (Americas)

Work closely with Infrastructure OR Software Delivery engineering teams to ensure security requirements are understood and built into the design of other enterprise services

Forecast and Establish technical requirements in concert with Architecture and Risk Management for Connectivity (intra and intercompany), Internet facing solutions, Infrastructure, Application, eCommerce, Mobility, Cloud, etc.

Provide subject matter expertise for Architecture, Planning and Roadmap sessions

Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies

Document solutions engineered to be handed off to SOC, and other Engineering support organizations

Own Security aspects of Software OR Infrastructure Delivery life cycle

Perform product and solution life cycle management ensuring capacity, integrity and availability of all systems.

Lead the execution of more complex multi-platform changes

Participate in projects as required; analyze, design, develop and implement security solutions which protect the information assets while enabling business functionality

Lead/direct IT infrastructure OR application penetration testing using standard tools and procedures

Perform Root Cause analysis for security or availability failure and direct the remediation of Security related causes

Education:

Bachelor's degree in Information Systems or related degree, or equivalent job experience.

Experience:

2 years of experience in Security solution design, implementation and troubleshooting across all computer platforms.

5 years of experience in Security technology implementation and troubleshooting across all computer platforms (Can count a bachelor's degree in CS, or InfoSec as 1.5 years of experience)

5 or more years required of combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments.

Experience and hands-on working knowledge with a variety of security technologies and processes including but not limited to Firewall (such as Check Point, Fortinet, Cisco ASA, Palo Alto, Juniper), VPN, SIEM, IDS/IPS (such as SourceFire, HP TippingPoint), HIDS, malware analysis and protection, content filtering, logical access controls, data loss prevention (such as Symantec, RSA, McAfee), content filtering technologies, application Firewalls (such as F5, Imperva), vulnerability scanners, forensics software, and security incident response.

Understanding of Cloud solution best practices and integration techniques

GIAC and ISC2 certifications such as CISSP are highly preferred.

Good understanding of Risk and Compliance framework, regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS)

Highly self-motivated

Strong attention to detail

Ability to effectively prioritize and execute tasks in a complex environment

Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, etc.

Strong client relationship management skills

Strong analytical and problem-solving skills

Very strong verbal and written communication skills

Strong interpersonal and conflict management skills

General Area

How the Sr. Security Engineer fits this focus

Policy creation, compliance tracking

Policy or control awareness/recommendations/enforcement with supporting solution development or recommendations. All of our engineers are expected to be service-oriented and consultative/collaborative with our partners; this is to ensure Security is not perceived as a NO organization, but a "how do we help you reach your goals" resource, all while staying true to the security controls, policies and rules in place today. It should be noted however that the Security Engineering and Operations team may be asked on many occasions to assist our Governance Risk and Compliance team in the deeper understanding of control or policy context as it pertains to Company; they may offer advice on wording, supporting evidence, control mapping, risk analysis, etc.

Design and implement security tools

While our standard Security Engineer role would commonly focus on the design and implementation of an identified tool, our Sr. Engineers would be responsible for the comprehensive analysis of the enterprise environment, evaluating our security exposure in the context assigned, researching appropriate vendor solutions (People, Process, Technology), then facilitating open dialogue and collaboration with our key stakeholders to determine the ultimate selection. The Sr. Engineer is then responsible for designing and implementing the solution, in concert with requirements from legal and procurement. Lastly, the Sr. is expected to not only implement but to fine tune the solution so that the information being provided is relevant, accurate, and integrated effectively across our other tools. The Sr. is also expected to conduct scoping of deployment to ensure we are maximizing the many other features that the tool may offer already.

Compliance or audit remediation

Root cause analysis of what caused the finding, far deeper than common auditor analysis but to the core (people process technologies) to determine what fundamental security control is failing and why, and solutioning through existing (People, Process or Technology) methods to solve the root cause.

Network (Cisco, Palo Alto) administration, Firewall administration, network performance monitoring

Assessing our network topology, Firewall rules, interconnects with subsidiaries, traffic flows, packet captures, DNS security, etc., and identifying areas of security risk. Investigating and proposing solutions to close the gap while working in lock step with the network team in such circumstances. Our Network Engineering team designs, builds and operates our network infrastructure while monitoring performance. Security monitors the physical network and the data flowing within for security flags, concerns, or exposures.

Windows, Linux, Desktops, Mobile

Assessing our end point technologies for effectiveness in protecting our security posture; assessing the likes of AV, local Firewall, malware protections, local admin rights, and researching more effective solutions that further enhance our end point security.

Security Awareness Training

We have a team for this already; this role however can serve as a strong voice for ensuring our awareness program is truly capturing some of the most important bits to share and educate.

Incident Response

We currently have a Level 1 and Level 2/3ish support structure. Our Security Engineers are a backup for level 3 matters that the SOC is unable or not prepared to handle.

ASAs, VPN, Firewalls

While the team is currently handling administration and modifications to these technologies, the goal is to have those services moved to our Network Engineering department, with Security retaining a governance and oversight role including the change management role of evaluation and approval of associated changes. Aside from active changes to those focus areas, Security Engineering is responsible for proactive evaluation of current or proposed Firewall rulesets, ASA configurations, VPN tunneling, VPN configurations, etc. to determine security exposures and overall clean up (seeking security-based control around current state).

Cloud Security, Virtual Containers

A highly collaborative cross-team focus area, Security's role at the Sr. Engineer level is to conduct requirements gathering, working with Enterprise Architecture to determine options that meet the needs of the request, and designing appropriate solutions that enable business drivers yet conform to our security controls for cloud use. Sr. level engineers go beyond the basis of tool selection and deployment and into the "How do we protect this overall" mindset, seeking tool functionality, metrics, reporting, cross-tool integration to design a comprehensive solution that ensures our cloud utilization as a company enforces the very controls we have in place while offering quantifiable validation of such. Sr. Engineers on any engagement are expected to see beyond the tool implementation itself and well into the next phase of "Now what".

Security Operations Monitoring and Alarms

Our Security Engineers and Sr.s are expected to be partners with our Security Analysts in the SOC. While the SOC leverages third parties to handle level one support, the handoffs are still full of many false positives or benign information. The data currently being fed to the proprietary SIEM is at the mercy of us pointing out what metrics, trends, or data points we'd like to see reported. The Security Engineering team, with their deep understanding of the security tools in place, are responsible for working with the SOC to identify meaningful metrics, trends and alerts to ensure best use of staff time. The goal is ensuring value content to the SOC, while further informing Security Engineering on security investment effectiveness, efficiency, or visibility into previously unknown or undervalued exposure.

Mentality and Drive

The entire security team is expected to always view our roles and approach from a security context: "What am I protecting, Where is it, How do we protect it today, How much visibility do I have in our protective abilities, How effective is our protection, Would we know if said protections were compromised, what can we do better, how do we be more proactive and preventative minded?" Our Sr. Engineers however go beyond the thought process; ongoing assessments, evaluations, testing, and validations to prove/disprove these questions should be actively planned throughout the year on a People, Process, and Tools basis. An additional focus in this context is, "I know what I know of our environment - but what DON'T I know". Again, a Sr. Engineer is going to investigate HOW to gain that exposure - or confirm that we do in fact see most everything - but be able to quantify and demonstrate proof.

Application Security

Application security generally falls under a unique skill set, however all areas mentioned above would still apply here. At an Engineer level, our Application Security team would manage our secure code tools, ensure scans are taking place, ensure integration to developer tools such as Jira, and develop metrics, reporting, and trending. At the Sr. Engineer level for AppSec, the role is additionally focused on tool effectiveness with collaboration amongst our Application Development partners. Going beyond mere scans and tickets, the Sr. Engineer can evaluate and risk-based prioritize findings into a manageable list for remediation; working with developers to understand the vulnerability and how to prevent it going forward. Our App Sec engineers are true partners with our Dev teams; offering assistance wherever we can yet staying true to the security controls in place. Sr. Engineers in this capacity are focused on "How much are we seeing, what aren't we seeing, how many errors are proving that we have a training opportunity across the development team? How do we work with developers to proactively ensure secure coding in the early stages rather than pushing rework in remediation?"

Information Security, Privacy, PII

Security Engineers are expected to ask this question in any effort they take on and how these attributes might be impacted. Our Sr. Engineers however are also expected to be asking these questions across the enterprise. Identifying where our sensitive information resides, what systems it is shared with, who is accessing it, where is it going, how are we protecting it, etc. How do we enforce our data classification schema, how can we quantify effectiveness, etc. What solutions might be necessary to further protect our informational assets - and develop proposals to accomplish them.

Metrics, Analysis, Reporting

Security Intelligence is only as good as our ability to report on it; if we can't quantify it with defensible data then we are most likely basing our statements on assumptions. The goal is to represent our security posture as a company into a quantifiable index score. While the engineers are not expected to understand the formula or method to arrive to such a score, they are expected to have the insight into what metrics would prove most insightful to quantify known exposures, effectiveness of tools, active threats in our environment, ongoing vulnerability exploitations, areas of improvement, areas of uncertain knowledge in our environment, etc. Our Sr. Engineers need to go beyond the existing inventory of data points and assess what we're not reporting on, what data points are not currently available but should be, what metrics require multi-point integration to make a more comprehensive point in our security posture analysis.

Security Tools (People Process Technology)

As a security engineering team, our tools are what provide insights into the inner workings of the enterprise. Done correctly, our tools provide even greater insights into what shouldn't be going on within our environment. Our Security Engineers share the responsibility of assessing our current tools researching how we might better leverage our existing investments; what capabilities are we not using and why, what intelligence can the tool produce that we don't leverage today, what expansions might be available and would they provide justifiable value. Our Sr Security Engineers however are looking down the licensing renewal timeline, determining if our existing investments are making the cut or if they should be evaluated for replacement. Our Sr. Engineers would work with the team and any relevant stakeholders to identify current capabilities vs what is available through other solutions and at what cost. The Sr. Engineer would confer with Architecture on long term strategies and ultimately make the proposal well in advance of licensing expiration on what path should be taken - all while ensuring such changes are budgeted a year prior. Sr. Engineers are expected to be highly proactive, methodical and insightful.


Lake Forest Illinois, United States of America
IT
$125k-140k + Bonus
Anthony Honquest 
JSTH-5026LFIL
4/18/2019 2:18:38 PM

About Request Technology - Anthony Honquest
You may be just a keystroke away from fulfilling your REQUEST for success...REQUEST is an executive search firm specializing in recruiting Information technology professionals for organizations in the...
