Information Security Operations Engineer
Typical day-to-day duties of the InfoSec Operations Engineer.
- Capture metrics, create and execute queries and reports, and generate KRIs/KPIs from Tenable Security Center (Nessus) scan data.
- Create custom Nessus reports for integration and collaboration with the Infrastructure Operations patch management program.
- Prepare for the weekly meetings with findings and alerts in order to help build the monthly patch baseline.
- Review and research unauthorized changes reported by the File Integrity Monitor (FIM).
- Review automated reports sent from the FIM system.
- Review alerts and update spreadsheets with relevant information, notes and evidence in preparation for the weekly unauthorized change meeting.
- Perform routine inventory checks in the File Integrity Monitor system for the appropriate host coverage.
- Review AWS account compliance posture using a third-party AWS Automation and Governance tool.
- Manage the certificate and key management tool and create custom reports for certificate management.
- Interface with different teams within InfoSec (Architecture, Engineering, IAM, Governance, CSOC) and across other departments (Infra Operations, Risk, etc.) with regard to InfoSec Operations and follow-up.
- The Information Security Operations Engineer is responsible for supporting the needs of the Vulnerability and Compliance Management programs. These programs conform to a program lifecycle that includes, but is not limited to, the following activities: asset inventory and monitoring, data analysis, reporting, and findings remediation.
- With an emphasis on leading the identification and remediation of findings/issues, daily responsibilities also include, but are not limited to: plan of action and milestones (POA&M), incident response, risk and controls assessments, tools monitoring and operations, audit functions, documentation, and reporting activities. Acts as subject matter expert to the Infrastructure Operations team, recommending and triaging updates and hotfixes to tools.
- The candidate will liaise directly with Information Security, Enterprise Risk Management, Infrastructure, and Platform Development to create and maintain standards that meet CSS security control objectives. They will maintain system and configuration management baselines including policies, procedures, and standards in a manner determined and agreed upon by the program management.
- The candidate will work closely with information technology teams and business stakeholders to understand and develop goals, determine security requirements, and design solutions that meet business objectives.
- The candidate will act as the system owner of the enterprise security tools supported by CSS support, to ensure proper functionality and operations.
- The candidate is expected to keep apprised of developing technologies and the emerging threat landscape as they relate to their job responsibilities. To that end, CSS is committed to investing in its employees by offering progressive education benefits meant to help candidates keep pace with technology.
- Must have at least 6-8 years of experience with security engineering and operations, as well as experience managing and supporting large, complex mission-critical systems.
- In-depth knowledge of and hands-on experience with AWS and operating systems from Red Hat and Microsoft.
- Demonstrates hands-on experience with security technologies such as compliance and vulnerability management tools, firewalls and network devices, intrusion detection systems, Active Directory, and security monitoring tools.
- Demonstrates technical proficiency and knowledge in information assurance, network security, computer information systems, computer science, or management information systems.
- BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field. Master's Degree is a plus.
- Familiarity with information security policies, standards, industry best practices, and frameworks (NIST 800-53, FISMA).
- Excellent interpersonal, presentation, and verbal/written skills with the ability to influence peers and management to fulfill program objectives.
- Is a self-starter, adapts to change, is motivated to set personal and program goals, and proactively tracks performance.
- Desirable: CISSP, CISM certification