Trofi Security is looking for an expert Security Engineer to join our consulting team to ensure that our client’s applications and infrastructure are designed and implemented to the highest standards thus maintaining and enhancing customer trust. If you enjoy analyzing system services, operating systems, networks and applications from a security perspective, and you are skilled at discovering security issues that appear under new threat scenarios, this position will provide you with a challenging opportunity. You will participate in security audits, risk analysis, vulnerability testing and security reviews on many elements of our client’s systems. First assignment is for 3-6 months full time in Overland Park, Kansas. Contract can be 1099 or W2.
Key tasks include:
- Identify security issues and risks, and develop mitigation plans
- Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles
- Develop and interpret security policies and procedures
- Mentor junior members of the team
- Participate in security compliance efforts (e.g., PCIDSS, SOX)
- Develop and deliver training materials and perform general security awareness and specific security technology training
- Acquisition and vendor risk assessment due diligence
- Evaluate and recommend new and emerging security products and technologies
- Participate in tier 2 and tier 3 security operations support
- Participate in incident handling
- Evangelize security within Company and be an advocate for customer trust
Basic Qualifications:
- BS/MS in Computer Science or equivalent desired
- Emerging company-wide reputation in the field of information security
- Consistent implementation of security solutions at the business unit level
- At least 3 years experience in infrastructure or application-level vulnerability testing and auditing
- At least 3 years of system, network and/or application security experience
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
Preferred Qualifications
- Experience with service-oriented architecture and web services security desired
- Experience with the application of threat modeling or other risk identification techniques
- Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
- Scripting skills (e.g., PERL, shell scripting)
- Excellent written and verbal communication skills
- Excellent leadership skills and teamwork skills
- Results oriented, high energy, self-motivated