Network Systems Security Engineer (Cloud)
Posting ID: JP-002660954
The responsibilities encompass collaborating with other DevOps and SysOps teams to transition public-facing, on-premise applications to the cloud; securing the configuration management of the cloud infrastructure; mitigating risks, and applying security controls to improve visibility and diagnostics in compliance with governing Federal requirements and security best practices.
-Developing and deploying infrastructure as code (IaC) scripts to implement and optimize security controls and mechanisms of a cloud infrastructure.
-Acting as the subject matter expert for cloud security and tools such as Security Information and Event Management (SIEM), access control mechanisms, Intrusion Detection and Intrusion Prevention Systems (IDS/IPS).
-Experience with Cisco ASA Firewalls or other firewalls/security devices(Juniper/Palo Alto) in an enterprise environment.
-Monitoring cloud infrastructure and pro-actively mitigate potential incidents before service degradation occurs.
-Providing guidance to our DevOps teams developing on public cloud platforms, advising on security standards for cloud deployment, and working to identify common patterns for template provisioning.
-Conducting assessments of security controls for new and existing cloud systems; creating and maintaining as-built system documentation, architecture diagrams, and online collaborative documentation.
-Determining security modes of operation and recommending new or revised security measures and countermeasures for current security challenges.
-Collaborating with team members to continue to evolve and implement a state-of-the-art secure cloud infrastructure.
Security, Firewall, Network security, Information security, System administrator, Routing, Cloud, ports, protocols, SIEM, TCP/IP protocols, Palo Alto, Scripting, Windows, Juniper, Powershell, Python, Perl, Bash, NACL
Top Skills Details:
Security, Firewall, Network security, Information security, System administrator, Routing, Cloud, ports, protocols, SIEM, TCP/IP protocols
Additional Skills & Qualifications:
-Minimum of 5+ years of directly relevant experience in system security administration. A Bachelor’s degree in computer science, cyber security, engineering, or other related discipline would be viewed favorably but does not negate the minimum experience requirement.
-Experience in designing and implementing an enterprise-wide cloud security architecture.
-Proficiency with SIEM and vulnerability management solutions.
-Experience using common networking tools to aid in troubleshooting, including nmap, Wireshark, tcpdump, etc.
-Proficiency in one or more scripting languages: Python, Perl, PowerShell, or Bash.
-Proficiency with TCP/IP/UDP ports and protocols, IDS/IPS, Network Access Control List (NACL), Access Control Lists (ACL), and Security Group (SG) applications.
-CISSP certification or ability to obtain within first six months of employment.
-Strong written and verbal communications skills.
-Ability to obtain a security clearance (do not need upon interview)
Desired Qualifications and Experience:
-Creating and editing AWS Cloud Formation scripts.
-Securing and monitoring Kubernetes.
-Managing and monitoring a centralized AWS logging architecture (e.g., Splunk).
-AWS Certified Security - Specialty, ISC2, or Cloud Security Alliance.
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Recruiter: Jean Chambers
Phone: (410) 579-3072