Job Title:
Security Engineer
Position reports to:
Security Engagement Manager
Department:
Security Operations
Location:
This not a remote position. The role is on-site at Alias HQ.
Job Description: A Security Engineer is a member of the SOC and works closely with other members of the team and customers to monitor, consult, and aid in managing security projects for all clients. This role must have a strong understanding of industry information security principles, standards, best practices, and quickly acquire knowledge of every aspect of information security, technical and business-related. The primary function of this position is to perform Penetration Testing, assist in Incident Response, analyze security measures in place, determine effectiveness given the current threat environment, understand how to remediate vulnerabilities, recommend, and implement changes to improve the client’s long-term security posture, provide technical guidance, and coordinate with staff, management, and clients on all matters related to information security.
Essential Functions:
- Perform in Security Penetration Tests and Reporting for clients
- Perform full Risk Assessments and assist in performing IT Audits
- Create and/or maintain accurate design documentation of all information security systems and assist other departments with documentation efforts as needed.
- Perform onsite engagements as needed
- Assist in Forensic Examinations as needed
- Assist the Sales Team with scoping calls as needed and participate in project kick-off calls
- Assist in job documentation and the completion of reports
- Schedule and complete projects in a timely manner
- Provide daily updates in system and/or to Management on assigned projects or efforts
- Speak in Public Forums such as class visits, conferences, media, etc.
- Evaluate alerts for Existing Clients via SIEM tool
- Perform Network Investigations into Events
- Maintain awareness of current and future cyber threats that could impact the company.
- Evidence strong ability to digest threat intelligence into actionable responses.
- Evidence good understanding of the OSI model and how to interpret packet captures of network traffic.
- Participate in configuration reviews.
- Maintain a good awareness of security and control issues in emerging technologies
- Available 24/7 to assist during Incident Response activities
Education and Work Experience:
- Preferred – Associate’s degree in Computer Science, Information Systems, or other equivalent experience
- Preferred – Relevant IT and security certifications
- 5+ years of relevant work experience in IT Security or Information Technology
Knowledge, Skills, and Abilities:
Functional
- Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships
- Strong written and oral communication skills
- Display strong organization skills and can successfully multi-task, prioritize work, and complete assigned projects with limited guidance from management or senior team members
- Proven ability to work under stress in emergencies, with the flexibility to simultaneously handle multiple high-pressure situations
- Desire to work as a team player and self-starter, and an ability to coordinate with other members of the SOC to accomplish results
- Must be able to exert up to 10 pounds of force occasionally and/or negligible amount of force frequently or constantly, to lift, carry, push, pull or otherwise move objects
- Must be able to conduct repetitive motion and substantial movements (motions) of the wrists, hands, and/or fingers
- Must have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal; extensive reading
- Occasionally may be required to perform extended standing, walking, and climbing; to lift up to 50lbs, to manipulate up to 100lbs. with assistance
- Must be able to bend, stoop, and climb to reach materials or gain access (must be able to climb under or scale a six-foot fence)
Technical
- Technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, and automated incident response tools
- Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts
- Knowledge of common regulatory, audit and compliance requirements (SOX)
Physical Demands:
- Typical of work in a professional office environment.
Work Environment:
- Office work, with travel to client locations for testing and audits as needed
- Availability for monitoring and response after hours as needed
This employment comes with a 90-day probation period. After the initial 90 days the employee will be eligible for paid vacation, sick time, and other benefits. Furthermore, this job is a Full-Time position with working hour from 8:00AM – 5:00PM with weekends off and paid holidays.
Alias believes that all persons are entitled to equal employment opportunities. We do not discriminate against race, color, national origin, religion, sex, age, disability, genetic information, sexual orientation, gender identity, or any other protected classification recognized by state or federal laws.