Sr. Cyber Security Engineer in Plano, TX at MDI Group

Date Posted: 5/22/2018

Job Snapshot

Job Description


MDI Group is a premier IT workforce solutions provider with more than 25 years of expertise in finding “best fit” IT talent for mid-sized to Fortune 500 clients. We have established relationships with our clients and work directly with the hiring managers. Why MDI Group?...You can expect that we will learn what is most important to you in your job search and match that to the needs of our clients. We offer career coaching and resume services, skills certifications, interview preparation skills, health benefits and a 401K plan. We are currently interviewing for the following contract to hire position:

Sr. Cyber Security Engineer

Contract to Hire

Plano, TX

JOB RESPONSIBILITIES:

  • Ensure that all systems, applications, endpoints, and networks have appropriate and adequate security controls in place protecting Rent-A-Center data.
  • Provide leadership and security expertise to project design, development, testing and deployment teams to ensure that all applications meet security requirements and are coded in a secure manner.
  • Able to attain support and compliance with information security requirements & standards.
  • Serve as the technical lead/technical subject matter expert on the Incident Response Team in responding to various security incidents.
  • Research, recommend, and evaluate commercial information security products and services to determine which should be adopted by Rent-A-Center.
  • Assume leadership roles in the development of detailed proposals and plans for new information security systems that would reduce operational risk.
  • Identify and determine causes of security violations and verify/assist in the corrective actions to assure data and application security.
  • Interact with internal and external auditors as needed to ensure regulatory and policy compliance.

JOB REQUIREMENTS (Must Haves):

  • Bachelor's degree in Computer Science, Information Security, a related technical field or equivalent experience.
  • 5 or more years of information security engineering, administration, and cyber threat research/analysis experience.
  • 2 or more years of Web Application Firewall (WAF) experience.
  • Cloud security (AWS – Azure) architecture, environment, and WAF experience.
  • Support and manage all technical aspects of security controls for a multi-location environment.
  • Evaluate, recommend, and justify appropriate commercial off-the-shelf products that support the security program requirements.
  • Manage, maintain and monitor multiple security technologies.
  • Ensure new system builds entail appropriate security packages, tools, logging and monitoring applications are configured properly.
  • Communicate technical application security concepts to employees, including developers, architects, and managers.
  • Work with development and QA teams to ensure the use of secure coding practices and verification methods.
  • Participate in Application security testing to include source code analysis, dynamic application security testing using open source and commercial tools.
  • Assess the security posture, develop risk profiles, specify security requirements, and identify mitigation measures to safeguard public facing Web applications.
  • Implement and maintain intrusion detection and prevention systems.
  • Support the Information Security Architect in design and management of a secure network infrastructure.
  • Communicate with key groups (i.e. various lines of business and other technical teams) regarding potential threats and remediation efforts.
  • Keep pace with emerging security threats, technologies, and systems.
  • Develop and maintain operational documentation and procedures.
  • Perform or coordinate penetration testing and Web application security assessment activities.
  • Working knowledge of sub netting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
  • Network and web related protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
  • Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication

JOB RECOMMENDED (Nice to Haves):

  • Relevant technical certifications (CISSP, OSCP, GIAC, CCNA/CCNP Security).
  • Engineering and/or architecture experience with web applications, application stacks, web application firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies.
  • Knowledgeable on cyber threats relative to the retail industry.
  • Experience in web application security testing and protection.
  • Experience in conducting attribution analysis.
  • Understanding of Technology Platforms (Windows, Mac, Open Source, Middleware Applications, Database Applications, Cisco, Adobe).
  • Understanding of DDoS concepts, mitigation tools and techniques.
  • Experience creating analytical reports for Leadership on complex criminal activity.
  • Experience making effective presentations to all levels, including Senior Management.
  • IDS/IPS, penetration and vulnerability testing
  • Firewall and intrusion detection/prevention protocols
  • Secure coding practices, ethical hacking and threat modeling
  • Virtualization technologies
  • Identity and access management principles
  • Application security and encryption technologies
  • Secure network architectures

See our new look and learn why more than 25 years of IT focus makes MDI Group different at www.mdigroup.com!


A GREAT PLACE FOR GREAT PEOPLE TO WORK

Search IT Jobs