LOOKINGGLASS CYBER SOLUTIONS is seeking to hire a Security Engineer that will help protect the corporate and live data center environments. This role will help select, engineer, and operate security technologies and enable our security analysts to comb through data efficiently and effectively, so they can properly assess the live risk to the business. As such, you will be responding / coordinating as security incidents arise ranging from networking, systems (linux or windows), Macintosh, and/or hosted web solutions. You will provide technical security leadership across the organization to include threat modeling, risk assessments, deriving and decomposing security requirements, and building in security into our products and environments.
The chosen candidate would need to be someone who is self-driven and has the ability to work in a small distributed teams. Since we are a small team you will need a firm understanding of overall technology, so you can advise on how to properly secure or mitigate it.
To protect our business you will engage in attacks against our infrastructure and live products. You will also help develop security policies and processes within the organization.
- Identify security risk and develop compensating controls or solution alternatives to minimize risks;
- Provide technical expertise in the selection, implementation, and operation of security tools and countermeasures;
- Create and Manage Plan of Action & Milestones (POA&Ms);
- Ensure the confidentiality and integrity of our corporate and customer data;
- Provide technical leadership by identifying weaknesses in capabilities as well as generating gap analysis / road maps;.
- Complete, deliver, and maintain compliance documentation for internal and external users;
- The chosen candidate will engage with developers working in scrum / agile processes;
- The ability to harden / assess CI and CD type environments both in self hosted and public cloud environments;
- Training both technical and non-technical users on how to apply security best practices;
- Minimum 10-15 years of experience in cyber security engineer type position;
- BS in a technical discipline or related experience; MS preferred;
- The ability to articulate and apply security engineering life cycle management to complex development projects;
- Experience architecting, implementing, and running security tools such as: IPS, IDS, HIDS, WAF, Vuln Scanner, FW, Proxies, Routers, AV, SIM;
- Experience hardening Chef / Puppet and hardening stacks OS ( Linux / OS ) / Application Stacks (java etc);
- Penetration testing experience a big plus;
- Hardening core infrastructure: AD / LDAP, RDP, DNS, NTP, Sendmail, and SSH;
- Familiarity with SOX, NIST 800-53, and NIST 800-171 Guidelines;
no additional skills other than what it listed above.
- Security+, C|EH, GCFE and other certifications are a plus.
Be wellHealth & Fitness | Work & Home Life Balance
Be recognizedShout Out Program | Quarterly & Annual Awards
Be in the knowAll Hands Meetings | Coffee with the CEO |
Training & Professional Development
Be involvedFun Committee | Community
Outreach | Recognition Committee
Be rewardedCompetitive Compensation | Tuition Reimbursement |