Address
Form of workWe have a Permanent for Information Security Engineer 2 for our client New Buffalo, MI. Please let me know if you or any of your friends would be interested in this position.
Position Title:
Information Security Engineer 2- New Buffalo, MI
Location : New Buffalo, MI 49117
Duration : Fulltime permanent
Job Description :
- Salary + full benefits + (client will not disclose %) bonus + 3% match on 401K
- Work from home 1 day a week. The candidate will have to work onsite at the New Buffalo MI office location
Summary:
- This position will be a part of the Four Winds Information Security Team. Responsibilities will include security assessments, penetration testing, and vulnerability management.
- ESSENTIAL DUTIES AND RESPONSIBILITIES include the following:
Vulnerability Management –
- Manage vulnerability workflows
- Report on SLA's for the vulnerability lifecycle
- Validation of vulnerability and assessment of risk status for the Four Winds environment
- Develop, maintain, & audit standard configuration / hardening guidelines
- Develop, maintain, & audit remediation notification guidelines
Security Assessments and Penetration Testing –
- Lead application assessments, including web applications, web services, native
- Windows/NIX applications, & embedded systems.
- Lead network penetration testing efforts.
- Lead mobile application assessments, including interfaces, data storage, permissions,components, and web application interactions.
- Think beyond toolsets to creatively manipulate environments.
- Lead the development of internal toolsets.
- Report on findings, facilitate remediation efforts. Explain the risk to the environment,not just tool output.
- Present findings and remediation plans to Four Winds leadership.
- Facilitate remediation & process improvement
Security System Administration & Operations
- Administer & monitor IDS, SIEM, Endpoint Protection, and other security systems.
- Provide SME advice on architecture to protect critical information systems & information assets.
- Advise on new processes & supporting technologies as threats evolve.
- Incident Response
- Participate in 24/7 incident handler on-call rotation.
- Understand the business and baseline the environment.
- Utilize industry intelligence feeds, security systems intelligence, architecture knowledge, and business practices to gain a holistic view of the potential attack surface.
- Proactively "hunt” for anomalies in the environment.
- Define custom SIEM correlation rules to identify anomalies and adapt to the environment.
- Lead & document evidence seizure & collection, forensic imaging & archival, handle chain of custody, and evidence retention.
- Interface with other business units as necessary as part of an incident.
- Interface with Third Parties including law enforcement as necessary.
- Lead in-depth triage analysis, forensics, & memory analysis.
- Report on findings to leadership, written & verbal.
- Payment Card Industry (PCI) Assessments
- Deep understanding of PCI Requirements.
- Lead PCI Audits and reviews.
- Develop, audit, and maintain PCI Audit guidelines.
- Report on findings to leadership, written & verbal.
- Remain involved in the industry and up to date on trends, new technologies, and new threats
- The above statements are intended to describe the general nature and level of work being performed by Individuals assigned to this position.
- They are not intended to be an exhaustive list of all duties, Responsibilities, and skills required of personnel so classified.
Promotes the following within the department and among all employees:
- Creates an atmosphere of fun for all casino guests.
- Encourages mutual respect, dignity and integrity with all employees by setting positive examples at all times.
Supervisory Responsibilities:
- Although this position does not directly supervise any one person, the incumbent will be the lead in the Security Assessment pillar of the Information Security program and will aid in the mentoring of the Level 1 Engineer.
Qualification Requirements:
- To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
- The requirements listed below are representative of the knowledge, skill, and/or ability required.
- Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education and/or Experience:
- 3-5 years of experience in Information Security, Network Engineering, Incident Handling, and/or Security Operations. Minimum two years’ experience in an assessment and/or security testing role.
- Bachelor's Degree in Computer Science, Information Systems, or related discipline, or an equivalent combination of education and experience.
- Certifications a plus, such as:
- Offensive Security Certified Professional (OSCP)
- PCI Internal Security Assessor (ISA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Penetration Tester (GPEN)
- GIAC Assessing Wireless Networks (GAWN)
- GIAC Web Application Penetration Tester (GWAPT)
- GIAC Mobile Device Security (GMOB)
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Reverse Engineering Malware (GREM)
- GIAC Certified Network Forensic Analyst (GNFA)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Continuous Monitoring (GMON)
- GIAC Battlefield Forensics and Acquisition (GFBA)
- GIAC Certified Detection Analyst (GCDA)
- CERT-Certified Computer Security Incident Handler (CSIH)
Special qualifications:
- Deep understanding of network architecture.
- Experience with hardening standards such as the CIS Benchmarks
- Experience with vulnerability management platforms.
- Familiar with NIST 800-53, 800-115, and the Penetration Testing Execution Standard (PTES)
- Knowledge of OWASP & experience testing web applications & web services.
- Experience with mobile application testing & toolsets.
- Familiarity with scripting languages such as Python. Powershell experience a plus.
- Ability to creatively manipulate environments and use critical thinking skills.
- Experience with fuzzing, reverse engineering, and exploit development a plus.
- Experience with IDS, SIEM, and other security architecture technologies.
- Experience seizing, cataloging, and maintaining Chain of Custody of digital evidence.
- Deep understanding of the network architecture and the ability to aid in the construct of secure environments.
- Experience with forensics and triage tools such as SIFT Workstation, Volatility, REMNux, Autopsy, X-Ways, IEF, FTK, etc.
- Experience reading packet captures.
- Experience with log analysis.
- The ability to relate complex technical topics in terms of the business impact to varying audiences.
- Public speaking and presentation skills.
- Local travel between sites required
- This position requires a Level 2 Gaming License.
Language Skills:
- Ability to read, analyze, and interpret the most complex of documents, such as technical journals, financial reports and legal documents.
- Ability to respond to common inquiries or complaints from guests, regulatory agencies, or members of the business community.
- Ability to effectively present information in one-on-one and small group situations.
Mathematical skills:
Ability to add, subtract, multiply and divide in all units of measure, using whole numbers, common fractions, and decimals, and work with mathematical concepts such as probability and statistical inference.
Reasoning ability:
- Ability to define problems, collect data, establish facts, and draw valid conclusions.
- Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
- Ability to leverage technical expertise to fully understand and meet the finance department's technical and reporting needs and requirements.
- Ability to develop and maintain a strong relationship with casino technical staff. Ability to communicate technical information to non-technical personnel.
- Ability to specify and develop queries/reports using a range of software.
- Ability to think logically and follow detailed instructions.
Physical demands:
- The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
- Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- While performing the duties of this job, the employee is regularly required to talk or hear.
- The employee is also regularly required to stand, walk, sit and use hands to finger, handle or feel objects, tools or controls.
- The employee is occasionally required to reach with hands and arms, and to sit, climb or balance; and stoop, kneel, crouch or crawl.
- The employee is frequently required to lift and/or move up to twenty-five pounds, occasionally lift and/or move up to fifty pounds, and infrequently lift and/or move up to one hundred pounds.
- Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and the ability to adjust focus.
Work environment:
- The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.
- Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- The employee is frequently required to risk danger of electrical shock and/or radiation (from computers).
- The noise level in the work environment is usually moderate.
- When on the casino floor, the noise level increases to loud.
- A casino environment is typically smoky
About Generis Tek: generis tek is a boutique it/professional staffing based in Chicagoland. we offer both contingent labor & permanent placement services to several fortune 500 clients nationwide.
our philosophy is based on delivering long-term value and build lasting relationships with our clients, consultants and employees. our fundamental success lies in understanding our clients’ specific needs and working very closely with our consultants to create a right fit for both sides. we aspire to be our client’s most trusted business partner.
