Sr. Security Engineer

NAVA Software Solutions

Philadelphia · Hybrid Senior 5d ago

About the role

About

NAVA Software Solutions is looking for a Sr. Security Engineer.

Position

Sr. Security Engineer

Location

Philadelphia, PA 19124 (3 days/week onsite, required)

Duration

12 months

Responsibilities

  • Mitigates risk of applications/systems vulnerability to Cybersecurity attacks through the engineering/installation/management of a Security Information Event Management (SIEM) system.
  • Participates in the implementation of the organization's strategic goals for information security.
  • Participates in developing security standards/best practices for the organization.
  • Recommends enhancements, as needed.
  • Contributes to the development of strategies to respond to/recover from a security breach.
  • Develops security awareness by providing orientation, educational programs, and ongoing communication.
  • Identifies/Installs/Manages applications necessary to protect sensitive information as needed or identified by the CISO.
  • Assists computer users with installation/management of new security products/procedures.
  • Identifies any weaknesses in the information security architecture which could be used to compromise information systems.
  • Monitors systems/network for security breaches/intrusions using the SIEM system.
  • In the event of a breach, participates in incident response activities to minimize the impact; assists with the technical/forensic investigation into how the breach occurred/extent of the damage.
  • Reports findings to the CISO.

Requirements

  • Bachelor's Degree or equivalent related experience and a minimum of 7+ years of hands‑on information security engineering and administration experience.
  • 7+ years' experience in a system administration role supporting multiple platforms and applications.
  • 5+ years' experience with risk assessment tools, technologies, and methods.
  • 5+ years' experience with communicating network security issues to peers and management.
  • 3+ years of experience with firewalls (ideally Palo Alto) required.
  • Experience with Daily Security Alerts and Log Monitoring (Central Log, Virus, IPS, DLP, Web Content, Secure Email, and Active Directory Changes).
  • Assist with Monthly alert and log management reporting.
  • Strong understanding of identity and access management, network security, endpoint security and email security.
  • Previous experience with planning, researching and developing security policies, standards and procedures.
  • Previous experience with several technical security disciplines such as Security Information Event Management (SIEM) systems, vulnerability management or security hardening.
  • Experience with Microsoft Azure desired, specifically with Microsoft Azure Sentinel.

Desired Licenses / Certifications

  • CISSP - Certified Information Systems Security Professional (Preferred)
  • GCIH - GIAC Certified Incident Handler (Preferred)
  • GPEN - GIAC Penetration Tester (Preferred)
  • GCFE - GIAC Certified Forensic Examiner

Skills

Active Directory, Azure Sentinel, DLP, Email security, Endpoint security, Firewalls, Identity and Access Management, Log monitoring, Microsoft Azure, Network security, Palo Alto, Risk assessment, SIEM, Vulnerability management
