MerchantE
Sr Security Engineer at Merchant e-Solutions
Essential Duties and Responsibilities:
Working with security tools and API integration work including writing scripts and development of automation around detection and remediation activities.
Given the growing nature of the organization, you will work closely with other internal and external groups and may also assist in other security activities as necessary in response to assessments and/or audits.
Implementing and operating vulnerability management and security log collection and monitoring tools, analyzing data from those tools and providing recommendations for security improvements to existing processes and technology, and participating in and leading incident response efforts.
Identification and remediation of OS and network security weaknesses and vulnerabilities
Respond to internal and/or external reports, events, and incidents (e.g. scanning, hacking, phishing)
Qualifications:
Bachelor’s in computer science (or equivalent) degrees
Minimum of 5+ years of documented information security work experience
At least 5+ years of system/network security experience, including threat modeling, threat assessments, risk identification techniques, penetration testing
Detailed knowledge of network and Web related protocols (e.g., TCP/IP, IPSec, HTTP, SSL, routing protocols)
Atalla HSM experience (knowledge of transaction encryption) and Imperva, SecureSphere, WAF, and DB experience.
Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, MDM etc.
Demonstrated experience with malware remediation.
Experience in one or more technical forensic tools
Experience with Splunk from systems deployment and endpoint configuration to log analysis and interpretation.
Ability to identify signs of intrusion or infection on a variety of systems.
Expertise in administration of enterprise OS’s
Ability to move seamlessly between a hacker / attacker mindset and a security engineer / defender mindset
Hands on experience with Nmap, vulnerability scanners, ZAP, Kali, MetaSploit, Wireshark, Kismet, Aircrack-ng
Penetration testing experience
Application and database security experience, including code reviews
Network and security engineering experience, including log and network traffic capture analysis
IT security certifications (SANS GIAC, CISSP, CCNA Security, CCNP Security, RHCSA or RHCE, MCP or MCSE ) are a plus
Experience with advanced malware technologies is a plus.
MerchantE does not provide visa sponsorship for this position. Candidates must be legally authorized to work in the United States without current or future sponsorship.
Seniority level: Associate
Employment type: Full-time
#J-18808-Ljbffr
Working with security tools and API integration work including writing scripts and development of automation around detection and remediation activities.
Given the growing nature of the organization, you will work closely with other internal and external groups and may also assist in other security activities as necessary in response to assessments and/or audits.
Implementing and operating vulnerability management and security log collection and monitoring tools, analyzing data from those tools and providing recommendations for security improvements to existing processes and technology, and participating in and leading incident response efforts.
Identification and remediation of OS and network security weaknesses and vulnerabilities
Respond to internal and/or external reports, events, and incidents (e.g. scanning, hacking, phishing)
Qualifications:
Bachelor’s in computer science (or equivalent) degrees
Minimum of 5+ years of documented information security work experience
At least 5+ years of system/network security experience, including threat modeling, threat assessments, risk identification techniques, penetration testing
Detailed knowledge of network and Web related protocols (e.g., TCP/IP, IPSec, HTTP, SSL, routing protocols)
Atalla HSM experience (knowledge of transaction encryption) and Imperva, SecureSphere, WAF, and DB experience.
Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, MDM etc.
Demonstrated experience with malware remediation.
Experience in one or more technical forensic tools
Experience with Splunk from systems deployment and endpoint configuration to log analysis and interpretation.
Ability to identify signs of intrusion or infection on a variety of systems.
Expertise in administration of enterprise OS’s
Ability to move seamlessly between a hacker / attacker mindset and a security engineer / defender mindset
Hands on experience with Nmap, vulnerability scanners, ZAP, Kali, MetaSploit, Wireshark, Kismet, Aircrack-ng
Penetration testing experience
Application and database security experience, including code reviews
Network and security engineering experience, including log and network traffic capture analysis
IT security certifications (SANS GIAC, CISSP, CCNA Security, CCNP Security, RHCSA or RHCE, MCP or MCSE ) are a plus
Experience with advanced malware technologies is a plus.
MerchantE does not provide visa sponsorship for this position. Candidates must be legally authorized to work in the United States without current or future sponsorship.
Seniority level: Associate
Employment type: Full-time
#J-18808-Ljbffr