Job Description
Insight Global is seeking a Security Engineer with a strong enterprise computing security background. This role will utilize industry standards as well as customized tools to take the lead in cyber defense in the prevention of attacks and detection of adversaries.
· Develop reliable software systems and scalable automated solutions to support Digital Transformations and IT operations.
· Implement best practices for availability, reliability, and scalability to improve software systems and workflows.
· Write and develop code to automate processes, such as analyzing logs, testing production environments, and responding to any security issues.
· Utilize experience in system engineering, system administration, security, and IT operations to ensure timely achievement of project plans and goals.
· Maintain operating efficiency and stability, ensure the security and integrity of all systems and data, and respond to outages and other issues.
· Prioritize and respond to requests for service; may provide escalation support to helpdesk staff.
· Perform application administration activities such as creating, modifying, and deleting users, optimizing remote access, and security access for messaging systems, databases, and web applications.
· Identify opportunities for improved processes and optimized data flow, data integrity, and technologies to help automate processes.
· Manage third party integrations and work with appropriate vendors to create interfaces when native integrations do not exist with disparate enterprise systems. Provide IT support for those implementations.
· Review vendor contracts and evaluate security best practices of such vendors annually to ensure compliance metrics are in place and data protection practices are being maintained.
· Provide leadership, communications, development, engineering, automation, and feedback necessary for enterprise planning and architecture.
· Coordinate with department leadership to plan, design, and schedule the release of all software, hardware, security, and operating system updates.
· Develop and enhance processes and technical documentation, create back-up procedures, test plans, and reports.
Required Skills & Experience
· Bachelor's degree in Computer Science, Engineering, or related technical discipline and at least 4 years of directly relevant experience
· Knowledge of:
o Computer networking concepts and protocols
o Network architecture
o Network security methodologies
o Cybersecurity principles of confidentiality, integrity, availability, authentication, and non-repudiation
o ITIL Change, Incident, and Problem Management.
o TCP/IP, firewall management, and operating system configuration.
o Proficient and current knowledge of industry trends, tools, and processes.
o Agile and iterative development process (e.g., Scrum and Kanban).
o ITSM platforms such as FreshService, ServiceNow, or other.
o Engineering practices: availability, reliability, and scalability, as well as disaster recovery
o Various automation tools that are responsible for building and integrating software tools to enhance an organizational system's reliability, security, and scalability.
· Experience with:
o Cyber defense and vulnerability assessment and alerting tools
o Instant communication and team collaboration platforms like MS Teams or Slack
o Windows server and workstation administration including installation, maintenance, and support.
o Administration of Windows Server 2019 and 2022 operating systems in both Desktop Experience and Server Core installation options
o Current industry methods for performing security assessments and authorization processes.
o Administration of Windows 10 and 11 client operating systems
o Programming/scripting with modern object-oriented programming languages to automate day-to-day and administrative tasks.
o Type 1 hypervisors and their design/implementation in scalable, highly available environments
o Network storage solutions, backups, and disaster recovery best practices
o Complex, networked environments, including TCP/IP, DNS and DHCP.
o Microsoft Active Directory delegation and permissions
o Active Directory Group Policy settings, precision targeting, precedence, and inheritance
o Enterprise password management platforms, such as CyberArk, Thycotic, etc.
o Enterprise application whitelisting platforms, such as Carbon Black/Bit9, AppLocker, or Defender for Endpoint
o Enterprise antivirus and antimalware platforms, such as CrowdStrike or Microsoft Defender for Endpoint
o Enterprise digital loss prevention platforms, such as Forcepoint, Digital Guardian, Office 365 DLP, or Azure Information Protection
o Network storage systems, scalable virtualization, backup solutions, and disaster recovery deployments and best practices
o Designing, implementing, and maintaining large and complex Microsoft Exchange E-Mail environments, including SPF, DKIM, DMARC
o Various Monitoring solutions such as Azure Monitor and AWS CloudWatch.
o Designing and implementing Active Directory Federation Services (ADFS), SAML 2.0, Multifactor Authentication (MFA), and other single sign on technologies.
o PKI, SSL certificates, and IPSec & TLS communication
o Center for Internet Security (CIS) controls and benchmarks
o Demonstrable, expert-level experience with PowerShell, C#.NET, and/or RESTful APIs (Microsoft Graph) to automate day-to-day and administrative tasks.
o System engineering and design for NOC/SOC purposes.
o Scripting languages such as PowerShell and Python.
o TCP/IP, application network protocols, firewall management, operating system configuration, anti-virus software, and relational databases.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.