Sr Security Engineer – SOC – Edge
Location: West Pittsburgh, PA
Job Type: Full Time / Permanent
In this role, the candidate will collaborate with technology and business personnel in the areas of Bot Mitigation, Vulnerability Management, and Minimum Security Baselines. The candidate must be able to reliably achieve program objectives, address uncertainty, and act with integrity. The candidate will be a subject matter expert as it relates to the awareness of vulnerabilities and threats and how they affect the company environment. The candidate should have advanced, in-depth knowledge of information security governance, risk, vulnerability management lifecycle, vulnerability management remediation, minimum security baselines, and the ability to apply these concepts within their work environment. Specific experience with bot mitigation solutions and concepts is also required.
- Work as part of a team of Information Security professionals supporting the enterprise.
- Engineer solutions and execute compensating controls specific to Ecommerce and edge mitigation tools
- Triage and respond to concurrent security incidents
- Escalate issues to senior staff/management as required
- Assist IT staff in remediating any vulnerabilities and/or threats to corporate networks
- Document incident results and report details to the security organization
- Respond to internal customers', partners' and auditors' requests for information regarding the corporate security event management capabilities
- Document existing and new processes and mature existing documentation.
- Research, analyze and understand log sources, particularly security and networking devices (such as firewalls, routers, anti-virus products, and operating systems)
- Assist and participate with security incident management processes
Education & Experience:
- Bachelor’s Degree
- Equivalent Work Experience
- Experience: 4-8 years
- CISSP desired (Certified Information System Security Prof.)
- CISA desired (Certified Information System Auditor)
- GIAC certifications desired
- Experience in the administration of multiple operating systems
- Coordinate the remediation of vulnerabilities through stakeholder reporting and engagement of technology owners
- Must understand the potential types of attack and protection/mitigation for digital online client-facing systems (such as DDoS, bot, WAF, password policies, etc.)
- Ability to write scripts using bash, PowerShell, Python, Perl, etc.
- Must possess a solid understanding of application security standards, frameworks, attack methods, and mitigation best practices (e.g., OWASP, SANS, NIST)
- Experience working within an SDLC for large and complex development teams with a focus on DevOps practices
- Experience in IT security triaging incidents with security and analysis tools such as web application firewall, bot management, SIEM
- Vulnerability Management Platform experience
- Be capable of partnering with business and IT teammates as a trusted advisor on information security governance, risk, and compliance matters as required
- Experience in scripting languages such as Python, PowerShell, Bash, etc.
- Candidates must have an understanding of incident response methodologies and technologies
- Strong understanding of web attacks including but not limited to XSS, SQL injection, and command injection; the ability to analyze and differentiate malicious web traffic from legitimate traffic; and knowledge of edge mitigation technologies that protect against application-level attacks like bots, ATO and credential stuffing attacks targeting both desktop and mobile applications
- Strong understanding of cloud technologies
- Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with associates
- Research and analytical background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
- Candidate must be able to react quickly, decisively, and deliberately in high stress situations
- Highly motivated individual with the ability to self-start, prioritize, and multi-task
- Will be required to support the day-to-day operations of security controls within the following areas: whitelisting, mobile security, web filtering, Windows, VMware, compliance monitoring and application reviews
- Ensure proper metrics, analysis, and reporting for continuous process improvement.