Report this job

---

What is the problem? *

Incorrect company
Incorrect location
Job is expired
Job may be a scam
Other

Position: ISSE (Cyber Security Systems Engineer) Location: Remote Type: Contract Position Summary Roles and Responsibilities: Client's ISSE team members provide technical leadership and guidance on cybersecurity topics to both internal and external teams and are responsible for configuring, maintaining, and administering a wide range of cyber security technologies such as Intrusion Prevention Systems, Intrusion Detection Systems, vulnerability scanners, network mapping tools and the related servers, databases and circuits. Note : For mid to senior roles, see below Desired experience for mid to senior candidates Overview of the team responsibilities and core competencies include: Secure architecture design, configuration, deployment, management, and use of Cyber Security Technology in response to malicious activity directed toward enterprise networks, systems and information. Use of Cyber Security technologies such as SEIM, EDR and other technologies in responding to Information Security incidents. Staying current with the latest industry best practices, exploits and remediations, etc. Troubleshooting complex technical problems involving a wide range of Cyber Security technologies in use against sophisticated threats. Developing requirements for technical capabilities for cyber security technologies needed to defend a large geographically dispersed enterprise. Recommending configuration and architectural changes to improve the performance, usability, and value of cyber security and analysis tools Ensures technology employed by the Cyber Security Operations Center complements operational processes. Threat Assessment and Mitigation: Continuously monitoring and assessing potential cyber threats and vulnerabilities. Implementing proactive measures to detect, prevent, and mitigate security breaches, including intrusion detection systems, firewalls, and endpoint protection. Incident Response and Recovery: Developing incident response plans and procedures to quickly address security incidents. Leading or contributing to incident response efforts to minimize damage and prevent future incidents. Compliance and Regulatory Adherence: Monitoring and ensuring compliance with relevant industry regulations (e.g.: GDPR, HIPAA, PCI DSS) and internal security policies. Participating and leading audits and assessments to demonstrate adherence. Documentation and Reporting: Maintaining accurate documentation of security policies, procedures, and incidents Generating reports on security metrics, incidents, and trends for management review. Security Infrastructure Design: Collaborate with cross-functional teams to design and implement security solutions that align with business goals and risk tolerance. Developing security architecture and framework for networks, systems, applications, and cloud environments. Desired Qualifications: Bachelor's degree in Computer Science, Information Security, or related field or equivalent professional experience. Minimum of five years IT experienceideally with three or more years in a technology administration role. Effective communication and collaboration skills. Continuous learning mindset to stay current with the tools and the rapidly evolving cyber threat landscape. Motivated with a positive attitude and a strong bias towards taking corrective action and providing resolutions. Able to build and maintain positive relationships with peers and external teams. Provides coaching and mentoring to both internal and external teams. Intermediate to advanced knowledge of the below should align ISSE candidates for success: Experience and understanding of authentication protocols like: SAML, OIDC, Active Directory. Windows and Linux operating systems and common applications. Network architecture and switching/routing protocols, including CIDR, etc. NetFlow and other analytic methods for detecting malicious network activity. Software and network troubleshooting. Automation via infrastructure as code (IaC) and CM: e.g.: Terraform, Ansible, etc. Programming/scripting e.g.: Python, PowerShell, Bash, Golang, C, JS, SQL, etc. Log management and parsing strategies. CI/CD pipeline experience e.g.: Concourse, Gitlab, Github Actions, etc. SIEM tools experience e.g.: Splunk and SPL, DataDog, Grafana, NewRelic, etc. General relational and NoSQL database/datastore experience. Designing, implementing, and maintaining security solutions for complex environments. Understanding of network protocols, operating systems, and cloud platforms. Familiarity with security compliance frameworks and regulations. Security tools and technologies e.g.: firewalls, intrusion detection systems, and encryption. Problem-solving skillset and the ability to think strategically about security. Candidates with experience with the following (or similar) tools will be given preferential consideration : Tenable Nessus, Ansible, Terraform, Web Inspect Candidates with relevant certifications and experience will be given preferential consideration : E.g.: CISSP (Certified Information Systems Security Professional CISM (Certified Information Security Manager CompTIA Security+ Certificate programs in relevant areas e.g.: Kubernetes, Ansible, etc. Prior DOD/FedRAMP experience. Desired experience for mid to senior candidates Hands-on experience or sufficient knowledge and exposure with the following: DevSecOps as individual contributors, Leads, or in an SME capacity. Operating system and application scanning and managing/automating tool administration. IaC (including Terraform and Ansible Cloud experience (ideally AWS, followed by GCP and Azure Cloud connectivity solutions (VPC, networking, CIDR, Security Groups, ACLs, etc. CI/CD pipelines (Github Actions, Gitlab CI/CD, Concourse, etc. Secure operation and management for containers and Kubernetes environments. Automation and scripting abilities with Python, Bash, PowerShell (or equivalent