---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Engineer
Location: Dallas, Texas, United States
Type: Permanent F/T
Closing Date: 2007-08-09
SR. SECURITY ENGINEER
DIRECT HIRE
IRVING, TX 75039
KEY SKILLS:
• CISCO PIX FIREWALL
• UNIX
• IDS TOOLS
• VULNERABILITY MANAGEMENT
• DEVELOPING BUSINESS PROCESSES
• DOCUMENTATION SKILLS
SUMMARY
Security Services’ mission is to provide security services for Data
Return’s shared management infrastructures, Highly Managed Hosting (HMH)
environments, and IT Outsourcing (ITO) environments. The Data Return Security
Services team is responsible for ensuring the confidentiality, integrity, and
availability of Data Return’s informational assets.
Security Analyst
As a Security Engineer, your objective is to deliver world-class engineering,
development, administration, support and ongoing maintenance of Data
Return’s supported security platforms and services. You are responsible
for the evaluation, implementation, development, optimization, ongoing
maintenance and administration of these systems, tools and related business
processes & procedures.
As a member of a 24x7 support team, this position must be available for
after-hours critical escalations.
The Security Engineer, Vulnerability Management is responsible for insuring the
confidentiality, integrity, and availability of the network, attached devices,
and the data stored and transported within it through the discovery, analysis,
and remediation of vulnerabilities. The Security Analyst is also responsible
for maintaining and administering the application and tools necessary to
support the primary function.
KEY PERFORMANCE ELEMENTS & METRICS
Role: Vulnerability Assessment % Time: 10
• Perform penetration and vulnerability assessments
• Review and analyze results from third party assessments and audits
• Manage remediation of vulnerabilities
Role: Support / Escalations % Time: 10
• Act as escalation point for support on security concerns.
• Maintain support documentation for enterprise security applications.
• Act as escalation point for enterprise security application issues.
Role: Application/Network Management/Administration % Time: 50
• Participate in the development process by working with teams to assist
in the testing and roll-out of security hardware and/or software
• Maintain firewall management applications
• Maintain and administer enterprise security applications.
• Verify correct Service Pack/Patches/Hot Fixes/OS Upgrades have been
performed by CERT
• Conduct proactive audits and investigations of existing servers and
infrastructure
• Review, analyze, and respond to threats surfaced through enterprise
security applications
• Perform trend analysis on enterprise security application data.
Role: Training % Time: 10
• Train implementation and support engineers on usage and support of
enterprise security applications
• Train employees on security policies and processes
• Expected to stay current and proficient on existing and emerging
relevant technology through self-study, company provided training and
manufacturer provided training
• Participation and certification in all required company provided
training
• Successfully pass all required technical skills assessments
Role: Support / Escalations % Time: 15
• Escalation for all security-related issues
• Conduct any required post mortems to determine root cause as directed
by management
• Maintain and support anti-virus software deployed on OSS and customer
servers
• Maintain and support company IDS products
• Remediate security breaches
JOB REQUIREMENTS
---------------------------------------------------
• CISCO PIX FIREWALL
• UNIX
• IDS TOOLS
• VULNERABILITY MANAGEMENT
• DEVELOPING BUSINESS PROCESSES
• DOCUMENTATION SKILLS
KNOWLEDGE, SKILLS &
Technical Skills & Experience
• 5+ years experience with Windows Server 2000, 2003 (all versions) and
Windows Server applications.
• 5+ years experience working with enterprise server platforms;
preferably HP Proliant, IBM xSeries, and Sun.
• Strong working knowledge of Internet networking technologies and
principals including TCP/IP and DNS.
• Strong working knowledge of Microsoft platforms and technologies
including: IIS and SQL Server.
• Practical or educational background in development principles
• Proven ability to absorb, master and leverage emerging technologies.
• SSCP, GIAC or other technical security certifications highly desired
• Bachelor’s Degree in Computer Science, Management Information
Systems (MIS/CIS), related degree or equivalent experience
• 2 – 3 years of system/network penetration techniques
• Familiarity with a wide range of assessment tools (Nessus, Nikto, LC5,
Nmap, MetaSploit, etc)
• Minimum 2 years information security experience
• Minimum 6 years IT industry experience
• Experience with interfacing with multiple types of information security
auditors
• Strong technical knowledge of enterprise level hardware, networking,
operating systems and applications
• Excellent documentation, communication and interpersonal skills
• Excellent analytical and problem-solving abilities
• Thorough knowledge of industry compliance and certification
requirements, standards and processes (PCI, HIPAA, Sarbanes Oxley, SAS70 II,
ISO 17799, BS15000)
• Accomplishes tasks with minimal supervision
• Experience with large corporate environments/infrastructures
Soft Skills & Experience
• Demonstrates commitment to providing customer-focused quality service.
• Excellent service-driven customer-focused skills.
• Proven ability to work in both a team environment and independently.
• Excellent oral, written and interpersonal communications skills.
• Exceptional troubleshooting and problem solving abilities.
• Proven ability to absorb, master and leverage emerging technologies.
• Superior project planning and management skills.
• Talent for creatively utilizing technology, people and processes to
solve unique business problems in a cost-effective manner.
• Strong time and attention management skills.
• Strong attention to detail.
• Technical diagramming (Visio) and documentation capabilities
Academic Credentials
• Bachelor’s degree, military background or equivalent experience.
Industry Certifications
• SSCP, GIAC, Cisco Security Certs preferred. Equivalent industry
experience will be considered.
CONTACT
---------------------------------------------------
Please send your resume and salary requirements to diana.king@datareturn.com
Data Return
Diana King
diana.king@datareturn.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
