GreenSky Administrative Services LLC

  • Sr. Security Engineer

    Job Location(s) US-GA-Alpharetta
    Posted Date 1 month ago(12/6/2018 12:35 PM)
    Job ID
    2018-2850
    # of Openings
    1
    Category
    Information Technology
  • Overview

    Position: Senior Security Engineer


    Overview:

    GreenSky is looking for a Sr. Windows Security Engineer to join our Corporate Security Organization. The ideal candidate has the mind of hacker and the heart of a teacher. Do you enjoy frustrating our red team with your ingenious detections and expertly hardened systems? Do you get excited hunting malware in the central logging system knowing you already made sure all the logs were there? If so keep reading!


    The Senior Windows Security Engineer secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members. This position will work cross functionally with other teams as well as customers engineer and deploy security tools, detection and prevention rules. The SSE acts as an escalation point for Security Analysts may be asked to lead the response to critical security incidents and threats.

    Duties & Responsibilities

     

    Responsibilities & Duties:

    • Ensures authorized access by investigating improper access; revoking access; reporting violations. Collaborate with infrastructure teams to implement, maintain, monitor and audit usage and secure storage of privileged credentials.
    • To provide a fast and efficient response to automated alarms and reported incidents & problems. Ensure all security violations and incidents are promptly reported
    • Ensure compliance of corporate security policies and practices
    • Perform periodic users audits to ensure appropriate access and termination of access
    • Perform scheduled network security scans on wired and wireless network segments and on demand. Conduct assessments/audits with Site Services to verify that appropriate security controls are in place on all devices within the corporate network. Collaborate with Application Security, Development and Infrastructure teams to validate and remediate vulnerabilities.
    • Plan, test and deploy web gateway hardware and software necessary to provide protection from threats encountered from endpoint user web browsing
    • Plan, test and deploy network access control hardware and software necessary to provide access controls and monitoring in the wired and wireless networks
    • Plan, test and deploy server endpoint software necessary to provide protection from and monitoring of threats
    • Ensure the security software of all endpoints within the corporate network, for remote users and for satellite offices is current and deployed appropriately to provide best available security protection
    • Maintain documentation necessary to demonstrate adherence to applicable federal and state laws as well as compliance with all applicable accreditation bodies
    • Plan, test and implement appropriate updates, deployments, and rollouts as needed to ensure the integrity of the security software on all company endpoints
    • Monitor log files, dashboards and other appropriate data sources to provide periodic management reporting and input to the life-cycle improvement process
    • Deep dive problems to identify the root cause and then build a recovery and prevention plan
    • Any other duties deemed necessary by management

    Required Skills/Qualifications

     

    Required Skills & Qualifications:

    • Bachelor's degree in Information Technology. An equivalent combination of education and work experience may be taken into consideration in lieu of a degree
    • Minimum of 5 years experience in information technology and system administration
    • Experience with High Priority, High Activity and Multi tasked Environments
    • Exceptional verbal and written communication skills
    • CISSP, CCNA, GIAC, GCIA, GCIH, GSEC, Security+ or similar certification desirable
    • Operating systems and networking certifications desirable
    • Applicable operating systems experience for the server and hardware that is part of the current operational baseline (e.g. Windows, Linux, Virtualization)
    • Experienced Network Systems Administrator
    • Knowledge of industry standards including ISO 27001, NIST, HIPAA, PCI-DSS, etc.
    • Working knowledge of systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
    • Experience with Network Vulnerabilities scanners like Rapid 7, Nessus, Qualys, etc.
    • Experience with Network Monitoring (IDS/IPS/Log Monitoring) solutions like Splunk, ELK, etc.
    • Capable of creating scanning plans and creating and maintaining policies
    • Experience with firewalls like Palo Alto, Cisco, Linux iptables/netfilter
    • Applicable operating systems experience for the server and hardware that is part of the current operational baseline (e.g. Windows, Linux, Virtualization)
    • Working knowledge of systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
    • Results oriented, willing to accept challenges dynamically and prioritize accordingly to business needs
    • Availability to work non-standard hours during Maintenance Windows, Business Continuity, Disaster Recovery &/or security incidents

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed