Information Security Engineer
at SkillStorm

Date Posted: 3/4/2017

Job Description

Job Requirements:
• Ability to provide technical direction and act as a subject matter expert as it relates to cybersecurity
• Knowledge of countermeasures against common attacks on web applications, app servers, databases, the HTTP protocol, SSL, DNS, certificates, credentials, forms, web sessions, cookies, tokens, XML, JavaScript, AJAX, JSON, Flash, SFTP, PKI and symmetric crypto, wireless & wired networks, and related Internet technologies
• Able to perform both automated and manual security assessments for applications
• Ability to technically evaluate cybersecurity technologies and provide feasibility assessments
• Able to articulate common risk modeling methods and secure architecture patterns
• Ability to write clear system requirements and test plans
• Identify security issues and risks, and develop mitigation plans and recommendations
• Architect, design, implement, support, and evaluate security-focused tools and services while acting as the Information Security project lead
• Interpret information security vulnerabilities, risks, policies, and procedures to Company Business lines and IT teams
• Perform Security Risk Assessments on large and medium programs and projects
• Experience with security frameworks such as NIST 800-53r4, NISTIR 7628, CIS Critical Controls
• Evaluate and recommend new and emerging security products and technologies
• Participate in projects that develop new intellectual property and ensure security policies, requirements, best practices, etc. are applied
• Evangelize security within Company and be an advocate for customer trust
Qualifications:
? At least 5 years of Information Security experience
? At least 2 years of experience working with industrial control systems (ICS) in some form preferred
? At least 2 years of experience in Information Security Engineering, Auditing, or Architecture
? Experience with Distributed Control Systems (DCS) is highly desired.
? Experience working in the Gas/Oil/Energy sector is a big plus.
? MS in Computer Science or equivalent desired
? Information Security Certifications highly desired (CISSP, GSEC, C|EH, CSSLP, OSCP, GISP, etc.)
? Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
? Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
? Knowledge of common SSL, hashing, and symmetric encryption, especially in Java and .Net environments
? Ability to create and review network design and architecture patterns
? Able to articulate risk modeling and able to communicate technical concepts in simple terms both verbally and in written reports
? Experience with service-oriented architecture and web services security desired
? Experience with the application of threat modeling or other risk identification techniques
? Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits is desired
• Results oriented, high energy, self-motivated is required
• Excellent written and verbal communication as well as teamwork skills are required
? Excellent leadership skills are preferred

Job Snapshot

About Us

SkillStorm is one of the nation’s fastest-growing I.T. Services Company. We have been providing technology consulting, outsourcing and staffing solutions since 2002. SkillStorm can provide you with the right tools to ensure you have the best technology team in place to fuel your organization’s continued success. SkillStorm works with scores of fine companies, including many that rank among the elite Fortune 500 and has been setting the standard for customer service in the industry since inception.

What is a Talent Network?

Talent Networks enhance your job search and application process. Whether you choose to apply or just leave your information, we look forward to staying connected with you.

Why Join?

  • Receive alerts with new job opportunities that match your interests
  • Share job opportunities through Social Media or email