job summary:

Position Purpose: Lead and maintain the integrity and security of our IT Security environment and establish policies/procedures on system use and services. Evaluate, recommend, design, and implement IT Security tools and services to meet business objectives. Mentor and train team members. Act as a point of escalation and subject matter expert for IT Security tools.

Education/Experience:
- Bachelor's degree in Computer Science, MIS, related field or equivalent experience.
- 5+ years of experience in the IT Security field or a related area.
- Strong analytical skills.
- Securing Windows, Linux, and Mac environments in production environments.
- In-depth knowledge of security tools such as firewalls, web proxy servers, vulnerability scanners, DLP, malware scanners, disk encryption, SIEM, etc.
- System hardening (application securing, CIS benchmarks, RBAC, or similar).
- Strong familiarity with standard ITSM processes.
- Experience with scripting languages such as Python and PowerShell.
- Demonstrated knowledge of the OSI model.
- Knowledge of security controls frameworks such as NIST CSF, NIST 800-171, ISO 27001, or CIS Critical Security Controls.
- Experience working with SOC and Incident Response teams.
- Strong familiarity or experience with the administration, securing, hardening, patching or maintenance of one or more server, network, or application platforms such as Windows, Unix, Linux, Cisco, Juniper, Apache, IIS, various Middleware platforms, secure software development environments, cloud platforms or other relevant technology areas.
- Healthcare experience and knowledge of system communication and networking protocols, TCP and IP, VLANs, VPNs, and general routing and switching is a plus.

License/Certification: Systems Security or Administration certifications such as CISSP, GSEC, Linux+, Security+, Network+, Cloud+, CCNA, or CCSA are preferred.

Walk me through the day-to-day responsibilities of this role and a description of the project (Outside of Workday JD):

Senior Detection Engineers drive the team forward as a more experienced technical engineer on the team. This position will take the vision of leadership, bring those ideas to the Engineering Team and formulate the action plans. As a more senior engineer, you will help clear any technical issues the team runs into that may affect the completion of a project. Associate Detection Engineers will look to this position for mentorship and guidance on how to advance their knowledge and career goals.

Responsibility:
- Provide Mentorship for Associate Detection Engineers and Detection Engineers.
- Conceptualize automation around SOC/IR activities.
- Test and validate detections.
- Build Tabletop Exercises or Training Events for SOC.
- Recommend best practices for tuning of security tools
- Research and develop future Notable detections
- Research current TTPs of malicious actors
- Recommend training to senior levels that align with current activities in offensive and defensive security models
- SME for SIEM tool development

Job Qualifications:
- Strong knowledge of security investigations and incident response methodologies driving that knowledge into the creation of detections and training.
- Develop processes and procedures surrounding the creation of new notable detections that will be utilized by numerous security teams.
- Experience utilizing pentesting tools and how attackers use them to create tactics, techniques and procedures common with current threat avenues.
- Strong understanding of defensive security practices and how to best implement roadblocks to stop malicious actors.
- Strong experience scripting in Python and Java with the ability to teach junior engineers
- Knowledge of how SIEMs (such as QRadar, Splunk, LogRhythm, or AlienVault) and SOARs (such as Phantom, Demisto, ThreatConnect or Resilient) function and how to work investigations from alert to remediation.
- Use critical thinking on how to best tune current tools and alerts providing better functionality to our customers.
- Experience in developing attack Tactics, Techniques and Procedures (TTPs) using the MITRE ATT&CK Framework construct

Required Skills/Experience:
1. Strong knowledge of security investigations and incident response methodologies driving that knowledge into the creation of detections and training.
2. Develop processes and procedures surrounding the creation of new notable detections that will be utilized by numerous security teams.
3. Strong understanding of defensive security practices and how to best implement roadblocks to stop malicious actors.

Preferred Skills/Experience:
1. Advanced knowledge of network, system, and web application attacks and mitigations.
2. Deep understanding of adversary techniques and the signals they generate
3. Use critical thinking on how to best tune current tools and alerts providing better functionality to our customers.

Education Requirement: BA/BS in a related discipline, or equivalent experience

Software Skills Required: Python, PowerShell, Java Scripting, BASH, C#, Go, SPL, SQL, C++, C

Required Certifications: GMON, GDAT, GCIH, GCFA, GREM, OSCP, CEH, GCIA, GCIH, CCSP, CAP, CRISC, GWEB, GSSP, GPEN, GFSR, Splunk ESCA, CHFI

location: ST. LOUIS, Missouri
job type: Contract
salary: $75.00 - 84.38 per hour
work hours: 8am to 4pm
education: Bachelors

responsibilities: Lead and maintain the integrity and security of the Centene IT Security environment and establish policies/procedures on system use and services. Evaluate, recommend, design, and implement IT Security tools and services to meet business objectives. Mentor and train team members. Act as a point of escalation and subject matter expert for IT Security tools.

qualifications:
- Experience level: Experienced
- Minimum 5 years of experience
- Education: Bachelors

skills: Network Security

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

For certain assignments, Covid-19 vaccination and/or testing may be required by Randstad's client or applicable federal mandate, subject to approved medical or religious accommodations. Carefully review the job posting for details on vaccine/testing requirements or ask your Randstad representative for more information.