The Engineer is responsible for a combination of field deployable engineering activities, pre-sales configuration and consulting activities, skills and certification maintenance, and engineering laboratory research and technology development tasks. This Engineer is primarily responsible to maintain a high level of billable utilization. Billable activity is a combination of customer onsite installation and server system deployment, storage system configuration, system troubleshooting and performance optimization, and documentation. The Engineer is focused mainly on delivery of security testing and assessment services, and of installation of core security technology; end-point, edge, security gateway, firewall, web and email security, SIEM, etc., but must also possess and maintain competency in certain adjacent technologies such as networking, operating systems, and business applications. The Engineer will also be focused on deploying, installing, configuring, and troubleshooting. He/She will maintain a high level of competency and certification in relevant product and technology sets. The Systems Engineer is highly tenured and experienced in several security areas and is a 'go to' subject matter expert and a most valuable resource within the practice. In addition to the required technical competencies the Systems Engineer possesses a high level of business acumen and is an expert at supporting relevant consulting expertise matching technologies with business outcomes.
* Minimum of 10 years of engineering experience preferably in security.
* Bachelor's Degree in Computer Science or Computer Information preferred.
* Penetration Testing Skills (any one, or all of these certifications preferred)
* CEH: Certified Ethical Hacker.
* CPT: Certified Penetration Tester.
* CEPT: Certified Expert Penetration Tester.
* GPEN: GIAC Certified Penetration Tester.
* OSCP: Offensive Security Certified Professional.
* Payment Card Industry (PCI), Certified Qualified Security Assessor (QSA) [Within the last 2 years].
* Certified as a HITRUST Common Security Framework (CFS) Assessor.
* Practical work experience in delivering assessments in the following Compliance:
* NIST 800-53, NIST 8-00-171, or NIST Cyber Security Framework
* FFIEC, GLBA, NCUA
* SOC 1,2,3
* Center for Internet Security (CIS)
* Practical security architecture and design experience (e.g. have designed a secure network infrastructure).
* Practical work experience with integrating the following SIEM technology:
* IBM QRadar
* Alien Vault
* McAfee SIEM
* Practical work experience with integrating the following Identify and Access Management technology:
* Ping Identity
* Practical work experience with integrating the following Data Loss Prevention (DLP) technology:
* Symantec DLP
* McAfee DLP
* Digital Guardian
* Cisco Certified Network Professional -- Security (CCNP-S) or Cisco Certified Network Associate -- Security (CCNA-S) or other similar vendor-accredited or industry-recognized professional-level certification preferred.
* Must have CISSP and/or at least one of the following certs: OSCP, OSWP, CEH, CPT, PCI-QSA, HITRUST CSF
* Working with vendors and partners for related support and services.
* Ability to create and deliver security documentation and training.
* Ability to communicate with CIOs and highly technical customers to roadmap Connection's and our solution vendor's value proposition as well as our services value proposition
* Working knowledge of business systems and outcomes with ability to understand impact of solution design and implementation on customer's business strategic objectives and requirements.
* Excellent verbal communication skills with ability to translate technology related jargon to diverse groups of technical and non- technical users
* Excellent written communication skills with ability to develop technical documents
* Demonstrates a drive for achievement, adaptability/flexibility, dependability, persistence, and tolerance of stressful situations.
* Self-motivated with ability to perform quality work within deadlines and budget with or without direct supervision.