Security Engineer (offline)

QUALIFICATIONS & SKILLS

o Experience in IT and/or in an Information Security role

Education & Certifications
o Two or more of the following:

Any two CompTIA certifications (Security+, Network+, etc.)
Any two vendor certifications (Microsoft, AWS, Google, Cisco, Juniper, Checkpoint, Palo Alto, CyberArk, etc.)
Any one of the GIAC certifications (GCIH, GSEC, GCED, GISP, etc.)
Any one of the ISC2 certifications (CISSP, etc.)
College degree (BS, BA, field is irrelevant)
Qualifications & Skills
o Cognitive

Ability to think like an attacker
Ability and desire to advance technically
Ability and desire to educate others
o Administrative

Strong work ethic, attention to detail, and organizational skills.
Demonstrated ability to assume sole and independent responsibilities, and ability to keep track of numerous detail-intensive, interdependent tasks and ensure their accurate completion
Able to articulate and translate cybersecurity risks, both verbally and in writing, to business objectives for different audiences at varying levels of complexity
o Technical

Preferred Experience (at least 4 of the following):
Azure, Azure AD, and Office 365, administration and security configuration
SIEM platforms (Splunk, LogRhythm, ELK, etc.)
Windows Server and Windows domain environments (AD, GPOs, Trusts)
Identity Platforms - OKTA, OneLogin, Ping, or other
Strong fundamental networking knowledge (LAN, WAN, Firewalls, ACLs, Wireless security, etc.)
Privileged Access Management Platforms (CyberArk, BeyondTrust, Thycotic, etc.)
Intrusion Detection/Prevention platforms (FireEye, Security Onion, Snort, etc.)
Mobile Device Management platforms (Intune, JAMF, etc.)
Network traffic analysis and network capture solutions (Wireshark, Zeek, Netflow, NetScout)
Industry or subject-specific analysis or assessment frameworks (SOC2, ISO, NIST, HITRUST, etc.)
Encryption algorithms and related technologies (secure communications, SSL, PKI)
Solid understanding of DevOps and Secure Development Life Cycle practices to shift security left.
Solid knowledge of common vulnerabilities and exploitation techniques (e.g., SQL injection, buffer overflows).

RESPONSIBILITIES AND DUTIES

Acquire an understanding of the Company’s technology and information systems (holistically and understanding interdependencies).
Assess security risks and recommend solutions that meet business needs and security requirements.
Educate internal teams on information security best practices.
Serve as an escalation point for security analysts for incident response and alert triage.
Respond to investigations into security-related events and provide a thorough post-event analysis for senior management.
Identify, recommend, design, and maintain security policies, procedures, and best practices for the organization.
Assist in the evaluation, testing, implementation, and maintenance of endpoint, network, and cloud security tools.
Enforce security policies and procedures by administering and monitoring security profiles, reviewing security violation reports, and investigating possible security exceptions.
Daily administration and operation of security technologies, including rule creation, reporting, correlation, and performance monitoring.
Assist in the development of strategies to respond to and recover from a security incident.
Respond to service issues, problems, and critical situations to support the resolution and minimize downtime.
Communicate effectively with customer-facing teams, internal infrastructure teams, and senior management staff.

About

https://www.creatio.com/company/about

Company website:
https://www.creatio.com

The job ad is no longer active
Job unpublished on 23 May 2021
