AFFILIATED WITH
Join Our Talent Community
Sign up to receive notifications of new jobs and other information.
Job Details

Security Engineer

Category: Information Technology
Location:
Somerville, MA

Department: IT-Client Services
Employment Type: Full Time
Job Type: Non-Union
Work Shift: Days
Work Days: M-F, 8-5, On-Call
Hours/Week: 40
Date Posted: 06/15/2017
Requisition Number: hrq-73431

Job Details

  • Job Duties       


     
    - Work closely with Systems and Network engineering teams on the design, development, and operation of secure online services
    - Manage Enterprise Palo Alto firewall/VPN solutions (Client & Clientless - Juniper SSL).
    - Manage mobile device security policies (Palo Alto Global Protect)
    - Manage 2FA infrastructure
    - Manage perimeter network
    - Act as an internal advocate and resource on securing CHA data, systems, applications and networks in accordance with security best practices
    - Utilize all tools (Splunk, Nessus, SEP, Palo Alto) to produce a weekly summary of the threat landscape and relevant remediation.
    - Run weekly Security meetings
    - Interface monthly with Senior leadership on Security related matters
    - Evaluate new and emerging security technologies, features, and products
    - Perform security incident response and forensics investigation activities 
    - Perform various IT system support and system administration tasks as needed

    Qualifications/Experience
    - Ability to work independently and efficiently to meet deadlines 
    - Expertise in network security including firewall configuration, network intrusion detection systems, VPN (B2B, clientless), DNS 
    - Experience with host and network based security across multiple architectures and platforms (Wintel, Linux, Mac OS X, Mobile, Wireless)  
    - Strong understanding of encryption and authentication technologies. Experience with 2FA solutions like Symantec VIP. Mobile device security (Palo Alto Global Protect)  
    - Network/Application security vulnerability assessment and management experience (e.g., Nessus, Splunk, Symantec SEP, AppScan, Palo Alto) 
    - Experience in network traffic analysis, packet capture, and analysis. 
    - Excellent mastery of Layer 2 and 3 routing and switching protocols 
    - Knowledge of and ability to exploit attack vectors such as Zero Day, SQL injection, XSS, CSRF, session-hijacking (experience using frameworks such as Metasploit/Core Impact, etc. desirable ) 
    - Knowledge of and experience with cloud computing concepts and application security architecture (G-Suite) 
    - Proficiency in multiple scripting languages (e.g., bash, PERL, Python, PowerShell, Ruby) 
    - Excellent communication (oral and written), interpersonal, organizational, and presentation skills with an ability to represent complex data in executive level graphical reporting dashboards 
    - Knowledge of regulatory requirements and ability to implement technical aspects, HIPAA and HIPAA-HITEC and other compliance standards where applicable. 
    - Knowledge of security industry standards such as ISO, NIST and FISMA

    Education/Training: Bachelor's degree in engineering, computer science or a related field is required. An advanced degree in computer science, engineering or equivalent experience is preferred. 

    Certifications: Security and Technical Certifications: Security+, CISSP or equivalent 

    Work Experience: 4-6 years of directly related experience. 


     

    [cha072516]

Share
Set up an RSS feed
Share this page
Twitter
LinkedIn