• Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to IPS/IDS alerts, Application Firewall alerts, malware alerts, change detection (FIM) alerts, rogue wireless network alerts, security system health alerts, exploit attempt alerts, etc.
• Perform security engineering tasks as required to include alert tuning, system maintenance, determining and capturing key information feeds, etc.
• Support processes such as Managing web browsing protection, web content filtering, and website category whitelisting/blacklisting, support automated encryption/decryption and secure file transfer of sensitive business process files, manage internally generated SSL certificates and SSL certificates generated by a managed PKI vendor and internal Certificate Authority
• Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), emerging state and Federal privacy laws, and general security auditing
• Participate in the organization's incident response plan and perform incident reporting on an as needed basis
• Must be able to work outside normal business hours when needed in order to perform diagnosis and/or implementation of product releases or changes so that normal business workflow is not interrupted
• This position requires domestic and/or international travel of up to 5%

Required Qualifications

• Bachelor’s degree in computer science, Information Security, related field, or equivalent experience.
• Proficiency in English in a business environment.
• Experience with various functions within the entire incident response life cycle including security system engineering, alert monitoring, triage, incident analysis (host and network forensics, malware analysis, etc.) and incident management.
• Experience maintaining information security technologies, such as IDS/IPS, malware prevention, database activity monitoring, secure password repository, multi-factor authentication, SIEM, SPAM prevention, web content filtering, IdM/IAM, encryption and encryption key management, DLP, change detection, and vulnerability scanners.
• Qualified and successful candidates will have at least 2-4 years of experience working extensively within security or highly technical IT fields.
• Knowledge of TCP/IP: must be able to demonstrate technical understanding of all layers of the TCP/IP stack, including familiarity with major application-layer protocols such as HTTP, HTTPS, FTP, SFTP, FTPS, SMTP, DNS, etc.; must be able to read and understand a packet trace; must be able to read and interpret network access control lists.
• A clear understanding of a variety of network and application attacks: examples include DoS/DDoS, buffer overflows, SQL injection, reconnaissance scanning, and evasive methods attackers use to avoid detection; must be able to demonstrate a minimum level of familiarity with well-known vulnerabilities and exploits.
• Working knowledge with IT security, compliance, and regulatory requirements, such as Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), Healthcare Information Privacy Protection Act (HIPPA), state and Federal privacy laws.

Preferred Qualifications

• One or more of the following certifications:
• Global Information Assurance Certification (GCIH, GCFA, GREM, etc).
• Offensive Security Certified Professional.
• (ISC)2 SCCP.
• (ISC)2 CISSP.

NA