Senior Security Engineer Job Description
Senior Security Engineer Duties & Responsibilities
To write an effective senior security engineer job description, begin by listing detailed duties, responsibilities and expectations. We have included senior security engineer job description templates that you can modify and use.
Sample responsibilities for this position include:
Senior Security Engineer Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Senior Security Engineer
List any licenses or certifications required by the position: CISSP, GIAC, ITIL, SANS, CEH, CISM, CSSLP, CISA, GCFA, GCIH
Education for Senior Security Engineer
Typically a job would require a certain level of education.
Employers hiring for the senior security engineer job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Technical, Education, Information Security, Information Systems, Computer Engineering, Information Technology, Electrical Engineering, Software Engineering
Skills for Senior Security Engineer
Desired skills for senior security engineer include:
Desired experience for senior security engineer includes:
Senior Security Engineer Examples
Senior Security Engineer Job Description
- Search for and analyze security technology to reduce risks in every information security segment
- Implement penetration testing along with ethical hacking
- Assist in the security risk analysis for current and new systems and recommend solutions for reducing exposure areas
- Support and provide consultancy for audit compliance actions
- Perform security vulnerability assessments to identify technical weaknesses
- Develop security processes, procedures and performance metrics
- Develop and maintain documentation related to security processes, systems, procedures and events
- Work within TSG and other departments within Bain to ensure secure, consistent delivery of resources and assets
- Work with senior TSG management to evaluate projects, establish priorities and communicate timelines to deploy security technology solutions
- Create a climate and convey a sense of urgency to drive security risk remediation with aggressive deadlines
- Understanding of security requirements for Sarbanes-Oxley, ISO Certifications, Data Privacy laws, and PCI
- Experience developing/improving open source tools is beneficial, but not mandatory
- Experience building security in a fast-paced, web-scale environment, preferably for a SaaS provider
- Advanced knowledge of core networking protocols (TCP/IP, DNS, ), including routing protocols such as BGP and OSPF
- Proficiency in at least one programming language (Python would be a plus) for writing automation frameworks and relevant security tools
- Solid understanding of modern programmatic infrastructure components and deployment patterns
Senior Security Engineer Job Description
- Help in troubleshooting customer’s network and security issues
- Research industry best practices and make recommendations
- Create configuration and installation documents
- Develop Security policy based on application and customer requirements
- Systems Administration - Administer security-focused information systems such as vulnerability management, privileged access management, and SIEM
- Conducting security assessments of new and existing systems of commercial service providers
- Conducting research for the design and development of new security architectures
- Testing tactics, techniques, and procedures TTP for the protection of information
- Developing and incorporating security-based requirements
- Teaming with thought leaders on cutting edge strategies to protect commercial service providers from advanced persistent threats APT
- Ability to communicate issues effectively educate developers to secure coding practice
- 3 to 5 years of experience in a dedicated security device engineering position
- Bachelor’s degree or higher in Computer Science / Security
- Bachelor degree in Information Systems, Computer Science, or related field or equivalent
- Deep knowledge of intrusion detection, firewalls, data loss prevention, data encryption, and vulnerability management concepts
- Expertise in LAN/WAN and other network related concepts and principals
Senior Security Engineer Job Description
- Demonstrated experience in communicating effectively in written and spoken form to broad internal and external entities including non-technical executives, corporate officers, business colleagues, product and service vendors and internal/external peers
- Aptitude to quickly learn in dynamic fast paced business environment
- Ensures the confidentiality, integrity and availability of cloud environments, host computers, servers, databases, laptops, firewalls and other devices for secure data storage and transfer
- Troubleshoot and repair information security tool implementations and performs root cause analysis
- Complete, deliver, and maintain security/compliance documentation for internal and external consumption
- Stay abreast of security best practices and technologies, and foster the growth of team members by providing, training, guidance and mentoring
- Configure existing technologies in an effort to solve operational issues
- Cloud security, as we are entering a new era we need to develop new standards to address the various security challenges that accompany leveraging the cloud
- New common network security standard which includes policies, security review process and standards for routers, firewalls, switches, and wireless access points
- Vulnerability assessment tooling and reporting to be at the core of our application and systems deployments
- A client-focused approach as demonstrated by the ability to implement Information Security/Networking best practices and procedures
- Proven experience working in an environment that is certified and compliant with globally recognized Security Framework / Information Security Management System (NIST SP 800-53, ISO27001, HIPPA, SOX, PCI)
- Advanced understanding of Caching/Proxy/AV devices
- Advanced understanding of Global/Local load balancing devices
- Advanced understanding of SSL devices
- Vendor certifications such as Checkpoint CCSA/CCSE, Palo Alto certifications Fortinet certifications or Proxy/Bluecoat certifications
Senior Security Engineer Job Description
- Understanding and utilization of basic SQL queries
- Ability to utilize languages such as PowerShell and/or Python would be a plus
- Utilization of SIEM tools (McAfee a plus)
- Incident Response in a team environment in other than a management role
- SPAM/Phishing detection and eradication
- Ability to asses and suggest mitigation for threats in a corporate environment
- Act as an escalation point for alerts generated by a SEIM and other related tools
- Perform systems and network analysis of intrusions to the network, servers, applications, operating systems, firewalls, proxies, and other infrastructure related devices
- Perform in-depth network security analysis and conducting preliminary incident response, event analysis and threat intelligence
- Perform vulnerability scanning of the environment and analyze the results to assess risk to the organization and prioritize remediation efforts
- Provide security control analysis using a Security Control Traceability Matrix as required by DNI ICD 503, CNSS, NIST special publications, FISMA, FIPS, OMB, of all managed national security systems during the accreditation process by performing documentation review (system CONOPS, network diagrams, SSP, SAP and policies), interviewing key organizational personnel, and presenting the findings for review and authorization
- Experience with creating and reading packet captures (Wireshark, tcpdump)
- Experience with Regular Expression (RegEx) pattern matching
- Must be able to obtain at least a secret level government clearance
- Extensive experience with both physical and network/host level security
- Must have an understanding of firewalls, switches, and IP routing hardware
Senior Security Engineer Job Description
- Respond to monitors and alerts by leading investigations to security events
- Perform in a leadership role for Incident Management teams when requested
- Support all company directed initiatives and projects related to the Security Monitoring areas to include all compliance issues
- Become an advocate for security
- Maintains and improves key elements of the Security Program through the implementation of security tools, processes, and procedures operation of existing tools and controls
- Identify process improvement needs related to design practices, secure coding guidelines, supplier/component security, vulnerability intake and management, threat mitigation, and testing
- Identify, pilot and deploy process changes, associated software tools, and training to ensure effective and efficient compliance across all affected staff
- Participate in product design reviews and perform security risk assessments
- Support implementation, development, enhancements, and modifications to software source code, scripts, and procedures
- Contribute to and support a variety of test efforts penetration tests, fuzz testing, internal and external audits and certifications, and coordinate remediation work as necessary
- Must be able to take an operational and project leadership role
- Bachelor’s Degree in Computer Science or Engineering, Management Information Systems, or a related technical field
- 4-year degree or job-related certification required with advanced degree or additional certification preferred
- You have excellent knowledge of Networking Protocols (TCP/IP, SNMP, DNS, DHCP, ISCSI)
- You have excellent communication skills to communicate system proposals to IT-management and customers
- Hands on experience in designing and documenting HLD, LLD for network security transformation projects Bit Locker, Safeguard and safe end