Sr. Security Engineer
What we’re looking for…
ScienceLogic is looking for a Senior Security Engineer who will design and implement systems and procedures to sustain the security, integrity, and availability of the organization's data. Assess risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization's systems and the data contained in them. Track security violations and identify trends or exposures that could be addressed by additional training, technical measures, or use of application tools to enhance security. May participate in ethical simulated attacks or security violations to assess the organization's data security measures.
What you’ll be doing…
- Conduct platform or operating system vulnerability scans that assess exposure of system to attacks or hacking. Monitor Security Operations pager and respond to issues of potential viral activity, spam, phishing.
- Administer controls and review their application to ensure that system's controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls.
- Investigate events or incidents of apparent security breaches and report to appropriate authorities using corporate procedures.
- Collaborate with internal and external auditors to ensure that appropriate controls are installed, operating properly, and being monitored and reported.
- May plan and/or conduct tests of the core infrastructure and the contingency environment for critical business applications to ensure business continuity in the event of a computer security incident.
- Aggregate metrics of operation of security controls, as well as apparent attacks, breaches, and other pertinent data; track trends and prepare for periodic security reports.
- Measure and improve patch management procedures with appropriate teams.
- Participate in projects designed to test defenses against hacking, denial of service, spam, break-ins, or similar attacks. May provide guidance to infrastructure or application staff participating in exercise.
- Examine and/or test new methodologies or tools that could be adopted to enhance security of platforms, infrastructure, or access to data.
- Other duties as required.
Qualities you possess…
- US Citizenship with the ability to obtain a public trust clearance required.
- Bachelor's Degree or equivalent required.
- Applicable certifications are desired.
- 5+ years of related experience in an IT Security related field.
- 5+ years of experience as system or network administrator or a support specialist in a SOC environment.
- Solid understanding of basic fundamentals in TCP/IP and the OSI model as well as common routing protocols.
- Experience with SOC 2 and/or ISO 27001 audits and certifications.
- Experience working with Firewalls and IDS technologies .
- Problem solving skills complimented with experience in solving information security device and application issues with customers is a must.
- SOC/NOC experience desired. Good verbal and written communication skills as well as attention to detail.
- Exceptional customer service skills and interpersonal skills. Ability to work in small teams.
- Must be able to resolve highly complex and technical business problems.
- Understanding of threat agents, attack vectors, and attack patterns as well as compensating controls and design patterns needed to mitigate risk.
- Possesses a broad domain level of expertise to resolve complex issues and performs detailed network analysis across a broad range of network and other technologies both on premise as well as cloud and hosted environments.
- Demonstrated skills on technical procedures development (equipment configuration) for testing and implementation of design changes.
- Create technical documentation and diagrams using Microsoft Visio, Excel, Word and PowerPoint.
- Knowledge of single sign-on integration with on premise and cloud toolset.
- Knowledgeable of Network Design and Project Management methodologies.
- Excellent presentation/verbal communication skills.
Recommended Certifications or Skills
- Security+
- Associate CISSP
- Associate SSCP
- Associate CCSP
- OS/Linux/Windows/macOS
- Directory Services
- Microsoft Security Center, Intune, Defender
- Network Protocols
- Scripting Languages (Python/Bash/PowerShell)
Benefits & Perks
- A remote-first culture - work from home or come into the office, it's totally up to you.
- Comprehensive medical, dental and vision plans.
- 401(k) plan with employer match.
- Flexible Paid Time Off (FTO) so that you can take the time that you need to re-energize.
- Volunteer Time Off (VTO) - take two days off per calendar year to volunteer with your preferred charitable organization.
- 5-year Service Milestone Sabbatical.
- Paid parental leave.
- Generous employee referral bonus program.
- Pet insurance.
- HQ Office centrally located in Reston Town Center featuring a well-stocked kitchen with rotating snacks and beverages, and catered lunch on Thursdays.
- Regular virtual company-wide events, including cooking classes, yoga, meditation and more.
- The opportunity to learn and develop from some of the best and brightest minds in the industry!
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At ScienceLogic, we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which you are applying.
About ScienceLogic
We empower intelligent and automated IT operations.
The ScienceLogic SL1 platform enables companies to digitally transform themselves by removing the difficulty of managing complex, distributed IT services. We use patented discovery techniques to find everything in your IT environment, so you get visibility across all technologies and vendors running anywhere in your data centers or clouds
www.sciencelogic.com