Sr. Security Engineer

Sr. Security Engineer
NY, Plainview

Job Description

We are seeking a Security Engineer for a permanent position with our client in Plainview, NY.  The right candidate will have experience working in a high availability public facing production environment and be experienced in layer 3 and layer 7. 

Please send qualified resumes to mary.abraham at harveynashusa.com.  No 3rd party candidates. Must be able to interview and work onsite.

Duties:

  • Develop strategy for the mitigation of risks of a high availability service-provider environment Manage and support a reoccurring on-call schedule.
  • Design, build, install and configure security solutions in a network, physical, cloud and virtual environment.
  • Administrate and automate security information events from web hosting infrastructure, including firewalls, load balancers, web servers, middleware, and applications.
  • Develop, prepare, coordinate, and execute security response control to correct issues, minimize exposure, reduce impact and enhance security.
  • Advise management on tactical and strategic operational improvements to enhance security capabilities and lower costs of delivery.
  • Provide and oversee the development of written status reports to management.
  • Sustain, maintain and further develop security controls for both agile and waterfall deployments including traditional infrastructure and continuous deployment methods for a dynamic, high-capacity, multi-tiered multimedia infrastructure stack. 

Required/Essential:

  • Bachelor's degree in Computer Science or related field.
  • Strong security-related experiences working as a security professional or a systems engineer with significant security responsibilities.
  • Experience in a high traffic, public facing production environment.
  • 5+ years of experience working predominantly in security desired with at least 3+ years working a high traffic, public facing production environment.
  • Experience with CentOS and/or Redhat and Windows, including patch management, security hardening, and third party control solutions.
  • Solid knowledge of Layer 3 and Layer 7 defense.  Experience with Akamai Kona, Akamai Prolexic, Cloudflare, or another layer 7 WAF required.
  • Experience securing a JAVA web stack based on with Apache HTTP/Tomcat Web Servers and IIS.
  • Experience with IPSec VPN, SSL (HTTPS/FTP over SSL, etc.), MFA/2FA and PKI.
  • Experience working with endpoint security solutions.
  • Proficient understanding of modern networking and cloud connectivity.
  • Experience collaborating on firewall policy and both common internet services and risky protocols.
  • Understanding of automation tools such as ansible, puppet, chef and/or other automation tools.
  • Must be a self-starter with excellent logical and analytical skills with a focus on delivering complete, timely and efficient solutions/resolutions.
  • Familiarity with system architecture principles.
  • Excellent communication skills; must be able to articulate strategic concepts along with supporting execution tactics.
  • Experience implementing or supporting some or all of the following: ISO 2700x, NIST CSF, SOC2, SOX, and PCI compliance.

Desired/Preferred:

  • 5 or more years experience working as a security professional.
  • 3 or more years experience working in a high traffic, public facing production environment.
  • CISSP or similar certification, preferred.
  • AWS Engineering Experience, preferred.  Google Cloud & Azure, a plus.
  • Penetration Testing Skills desired.


Apply Now