Senior Security Engineer
Portland, OR Area
At IGNW (formerly InfoGroup Northwest), we use our deep technical insights, local market knowledge and rock-solid relationships and reputation to create exceptional business outcomes for people and companies every day. We are based in Portland, OR with global partnerships to deliver the industry's top technical solutions and talent to every one of our clients. Our clients, consultants, contractors, partners and employees choose IGNW because we tackle the tough problems, and we care deeply about people while we do it.
Our client’s Technical Operations team is looking for a seasoned and passionate Sr. Security Engineer to be a part of their Technology organization to drive and enable security best practices across the business. This position will have primary responsibility for security platforms in all environments (production, development, quality-assurance and staging) and work to secure our corporate technical security.
The Security Engineer’s responsibilities include security system deployments, configuration, monitoring and reporting. This position will help perform vulnerability assessments, security testing, and work with other cross-functional teams (DevOps, DBA, Operations, Development, and QA) on remediation and mitigation of risks. This position will be a key player on the Incident Response Team and Disaster Recovery Business Continuity team. The Security Engineer provides support to planning, designing and implementing security controls which safeguard and monitor events for information systems, enterprise applications and data.
In this position, you’ll have the unique opportunity to work through the challenge of helping one of the fastest growing companies in the Northwest scale up to handle larger enterprise and global clients.
- Analyze, troubleshoot, and investigate security-related, information systems’ anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts.
- Participate in implementation, configuration, and analysis of network, application and host-based security platforms
- Vulnerability scanning systems and tools
- Code analysis and remediation
- Application security planning, monitoring, and mitigation
- Network-based Intrusion Detection/Prevention Systems (IDS/IPS)
- Host-based Intrusion Detection/Prevention Systems (HIDS/HIPS)
- File integrity verification and monitoring software
- Security Information & Event Management (SIEM) platform
- Web Application Firewall
- Network Access Control (NAC)
- Data Loss Prevention (DLP)
- Anti-virus and anti-spyware console
- Firewall and network access controls lists
- Web and E-mail proxy and filtering systems
- Evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations.
- Evaluate and implement and enterprise SOC service.
- Provide reoccurring reports for network and host-based security solutions.
- Provide CSIRT support as needed in response to information security related events.
- Participate in DR validation exercises and continuous improvement processes.
- Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.
- Assist the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes.
- Establish and maintain a strong working relationship with all team members.
- Provide off-hours support on an infrequent, but as needed basis.
- Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a collaborative team environment.
- Perform other network related functions as directed
- Thorough understanding of the OSI model and the security implications and considerations of architecture, code, infrastructure and data
- Bachelor’s degree in Computer Science, Information Technology or related field or a combination of education and experience.
- A minimum of 4-7 years IT experience; at least three of those years focused on network and/or IT security.
- Industry recognized information security certification, such as a CISSP (or Associate), SSCP, CEH, or equivalent is required.
- Proven experience with industry related regulatory certification including ISO 27001 is preferred.
Hands on expertise with major equipment providers including Juniper, Cisco, F5 Networks, Barracuda, Zeus, A10 Networks.
- Hands-on experience with some of the following: vulnerability scanning, firewall, antivirus& malware analysis, proxy, IDS/IPS, log correlation tools, SIEM, DLP, NAC, and application firewall solutions.
- Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings.
- Good technical writing, documentation, and communication skills are required.
- High energy and passion for leveraging technology advances and industry trends.
- Proven experience collaborating with cross-functional teams.
- Excellent attention to detail and complex problem solving capabilities.
- Superb verbal and written communication skills.
- Excellent interpersonal skills with a demonstrated ability to work in a cross-functional team environment.
- Strong customer focus.
**No Corp to Corp or 3rd party resumes can be accepted for this position.**
Our clients may require that candidates pass a drug and/or background check.
To apply, please send your resume to:
Oregon's Top 100 Best Companies to Work For - 3 years running
To view other IGNW opportunities please visit www.ignw.io