Senior Security Engineer
Responsibilities:
The Security Engineer role includes platform Security Monitoring and Analytics; overseeing and performing Security Engineering tasks and functions; and developing and maintaining application security services for lab and production environments, supporting number porting services for the NPAC (Number Porting Administration Center). In addition, the candidate will be responsible for securing existing systems and applications; evaluating the security of third-party applications, host systems, development software, devices, and technologies for vulnerabilities; and developing requirements for related security solutions. The candidate must develop a thorough understanding of the solution (platform, application, and processes being developed and implemented) to fully meet the technical requirements of the position.
Some essential functions of the role include, but are not limited to, the following:
- Must be available to support changes and maintenance windows, as needed and required (off-hours).
- Must be available to work in the Security 24 x 7 On-Call rotation and initiate escalation procedures to counteract potential threats/vulnerabilities.
- Assist with incident response and potential breach activities, on a 24x7 schedule, if necessary.
- Conduct security assessments to identify vulnerabilities in existing systems.
- Design and implement security measures to protect against potential threats.
- Develop, implement, and manage security policies and procedures.
- Test, evaluate, deploy, and configure security products and solutions.
- Administer and support security platform components including: SIEM, HIDS, NIDS, FW, WAF, etc.
- Create and update SIRP response plans and lead incident response teams.
- Monitor system, network, and application activity for signs of unauthorized access or malicious activity.
- Perform security audits and risk assessments.
- Bachelor’s degree in computer science, computer engineering, or similar technical discipline or 6+ years of equivalent work experience.
- Work remotely within commutable distance of Bridgewater, NJ or Dallas, TX
- US Citizenship required
General Skills and Qualifications:
- Information security engineering subject matter expert.
- Strong analytical and problem-solving abilities.
- Effective communication and collaboration skills to work with cross-functional teams.
- Analyze threats and attacks reported from multiple sources both internal and external.
- Knowledge of operating systems, virtualization, and database platforms.
- Operating systems: Enterprise Linux, Solaris, Windows.
- Virtualization: VMware, LDOMs, OVM.
- Scripting and/or development ability to integrate, enhance, or customize existing security tools.
- Oracle Database, security auditing and logging.
- Knowledge of network devices, security solutions, and technologies.
- Network, System, and Application event reporting and logging.
- Understanding of configuration policy changes for routers, switches, firewalls, and load balancers, including updates, upgrades, and lifecycle management.
- Expertise in configuring and managing firewalls, intrusion detection systems, and other security devices.
- ACL creation, update, and review.
- SIEM, event log processing, correlation, alarming, and reporting.
- WAF policy development and tuning.
- NIDS policy development and tuning.
- Endpoint monitoring and controls, FIM, HIDS, EDR.
- Application security review and assessments.
- Experience with vulnerability assessment and penetration testing.
- Vulnerability scanning, scan development and tuning, review and reporting, develop and support remediation plans.
- Manage penetration test engagements, review findings, and manage remediation efforts.
- Knowledge of security frameworks and industry best practices.
Additional Skills:
- Knowledge and/or experience with the following security applications is a plus: Wazuh, QRadar, Fortinet, CrowdStrike, QLIK, RedSeal, and Tenable Security Center/Nessus.
- Security Industry certification(s) preferred
Security Operations Center Analyst
Responsibilities:
*** Eastern and Central Time Zone locations only ***
Your role as a SOC (Security Operations Center) Analyst is to ensure service platform security health and integrity through Application, Network and SIEM monitoring. In this position, you will play a crucial role in the Security Operations Center (SOC) by being a key member of the service solution monitoring and Security Operations team. Primary emphasis will be placed on daily monitoring and review of network, system, and application events to identify potential security incidents.
In addition to monitoring, you will be required to provide support to the internal and external groups to assist in troubleshooting security service/system issues, collecting system/application/performance data, opening and managing trouble tickets, documenting security incidents and security procedures and performing on-call services and necessary security management escalations when required.
Depending on skills and the ability to improve, there will be opportunities within the team. The Security Analyst may be required to:
• Perform Security Incident Management (opening, documenting, analyzing, managing, remediating and resolving) trouble tickets
• Investigate security events in SIEM, Anti-Virus/Malware, Cloud and other related systems
• Perform preliminary log collection and incident investigations, determining the root cause of the security incident and preserving evidence for potential action
• Initiate escalation procedures to counteract potential threats/vulnerabilities
• Interface with technical personnel and other teams as required
• Provide daily incident/request and various monthly security reports as needed or required
• Interface with technical personnel and other Operations/Development/Project Management teams as required
• Participate in knowledge sharing with other analysts and develop security monitoring and incident mitigation solutions
• Strictly adhere to standard Security, SOC and Operations Methods and Procedures (M&P)
• Generate and maintain documentation to support the development and/or improvement of Security Policy and Procedures
• Support Security and Industry Maintenance Activities (Off-Hours Support)
• Occasional after-hours and weekend work
• On call when needed
Required Qualifications:
• 3-5 years security experience
• Basic knowledge of IT technologies, ideally related to Security
• Basic knowledge of Unix/Linux and Windows Server operating systems
• Basic knowledge of networking (e.g. subnets, routing, etc.)
• Interest in Security, Network and Server Monitoring technologies
Personal Attributes:
• Team-player
• Coachable and trainable
• Proficiency in written and spoken English
• Strong organizational, writing, and communication skills
• Analytical and problem-solving skills
• Customer and quality focused
• Highly motivated
• Self-starter and innovative thinker
• Ability to multi-task and work independently
• Ability to work in a dynamic environment
• Willingness to learn and improve
• US Citizenship Required
Additional Skills:
• Knowledge of networking protocols and technologies, e.g. TCP/IP, firewalls, routers, etc.
• Knowledge of security principles, techniques and technologies
• Understanding of the technical aspects of Information Security
• Experience with Security Information and Event Management (SIEM) tools
• Programming and scripting skills
• Basic Telecom industry knowledge preferred but not required
• Experience with vulnerability scanners
• Previous experience in a Network or Service Operations Center, technical troubleshooting, customer support, monitoring systems, and knowledge of ticket and incident management, resolution and escalation processes