Sr. Security Engineer
Columbus, OH

The SENIOR SECURITY ENGINEER is a highly seasoned network defender and incident handler with a broad range of skills across multiple IT disciplines and platforms. Primarily a threat hunter, the Senior Security Engineer is responsible for leveraging a deep understanding of network protocols and traffic analysis techniques to map threads of suspicious activity that would ordinarily not be noticed by automated security controls, in real time and at scale. The role spots indicators of compromise, quickly drills into data to determine incident scope, and thwarts attacks at multiple points within the cyber kill chain. The role is also responsible for continuous vulnerability assessment activities, secure architecture review, and security control tuning based on intelligence feeds.

REPORTS TO: Director, IT Security & Compliance

ESSENTIAL DUTIES AND RESPONSIBILITIES:
* Leverage the combined outputs of network and system log data, protocol analyzers, intrusion detection systems, and threat intelligence sources to quickly identify and remove malicious actors from Designer Brands networks
* Conduct continuous analysis of captured network traffic to flesh out malicious activity as well as system design flaws within the network enclave
* Design compensating controls around security deficiencies
* Write custom IDS/IPS rules and generate handcrafted packets to test them
* Conduct forensic memory and disk triage-imaging activities
* Provide post-incident security control tuning recommendations
* Deploy security infrastructure as required
* Other duties as assigned

REQUIRED SKILLS AND COMPETENCIES:
* Highly skilled communicator
* Experience with one or more log-aggregation / SIEM platforms (e.g. ELK, Splunk, Rapid7, etc.)
* Deep understanding of network traffic analysis tools including, but not limited to, SiLK, Snort, Bro, and tcpdump
* Thorough understanding of the cyber incident lifecycle and kill chain
* Ability to identify, classify, and appropriately escalate security events, alerts, and incidents
* Foundational programming knowledge
* Understanding of digital forensics tools including, but not limited to, EnCase, Volatility, and Forensic Toolkit (FTK)
* Expert knowledge of Linux, next-generation firewalls, and IDS/IPS systems

QUALIFICATIONS: EXPERIENCE AND EDUCATION:
* 6 years of experience in the field of security
* One or more of the following industry certifications is preferred: OSCP, GPEN, GCIH, GCIA, GMON, GCWN
© 2014 Hound