If you love building the architecture that makes information technology possible, then we have news for you: we’re seeking Principal Security Engineers who are ready to pick up a (figurative) hammer for one of our clients in Denver, CO.
Here’s the thing – if a company’s technology stack were a person, then the network of vital organs and veins would be its system positions. Without experts designing, implementing, analyzing, and maintaining important systems (especially security!), a company simply can’t function. If that sounds exciting, you just might be the lifeblood our client needs.
Tell you what: give us 60 seconds. Look at what this role is all about, peek at our stellar benefits, and learn why BridgeView IT owns the competition when it comes to connecting technologists with the best system positions. One minute from now, if you’re just as excited about this role as we are, then you know what to do.
HOW YOU WILL MAKE AN IMPACT
As a Principal Security Engineer, you’ll be a subject matter expert on all things Palo Alto, Cisco, ISE, F5 Juniper and specifically, you’ll have a strong Security focus across all of those. This is a technical position that requires knowledge of security industry standards, the ability to establish and audit security operational functions, and the ability to provide technical security recommendations and/or solutions. This position develops, updates, documents, and maintains security standards and policies for the organization. This position assists in ensuring that secure computing practices are established and communicated throughout the organization, and that the business is conducted in accordance with established guidelines and regulatory requirements. This position also contributes to security due diligence assessments on current and prospective vendors and products.
- RES Conduct security operations necessary to maintain the confidentiality, availability, and integrity of enterprise data and information systems.
- Maintenance of security tools and technologies throughout the enterprise environment
- Evaluate, design, and implement security related solutions, adhering to established change control processes
- Provide technical security planning, implementation, configuration, support and troubleshooting services on all security technologies.
- Provide accurate, clear, and concise documentation of system requirements, specifications, and final builds.
- Perform all necessary functions associated with the implementation and integration of security tools and platforms into the enterprise environment.
- Coordinate with systems and network engineers to ensure servers and network devices conform to security standards, and that security devices and controls are working as designed
- Assist with the development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices
- Assist in defining the security strategy and integrating regulatory compliance requirements (e.g., PCI, GLBA) into the organizational security roadmap
- Assist in ensuring that the corporate IT environment is secure and complies with all internal and external audit requirements
- Implement and maintain cryptographic controls (e.g. data at rest, data in transit) in line with security requirements
- Identify potential security risks, and define and document remediation options or mitigating controls
- Provide excellent customer service for internal and external customers in support of security initiatives, incident response, and support
- Define and assist in the management of an Incident Response Team that addresses potential or in-progress security events, establishing and adhering to escalation procedures and response times
- Review and approve submitted application and systems change requests for security compliance
- Provide subject matter expertise, counsel, and input for enterprise- wide information security initiatives, strategies, projects, and policies
- Maintain certifications and keep up-to-date with current information technology
- Participate in 24x7 on-call rotation Perform related duties as requested Lead multiple large-scale security projects.
- Act as the security representative on cross-team mission critical IT projects.
- Guides junior and senior engineers as they work with various teams on projects and support staff in the development of functional and technical specifications and requirements; reviews completed specifications and recommends actions.
- Must have strong organizational skills and attention to detail, and possess exceptional ability to communicate effectively with peers, supervisors, managers, and customers within a team-oriented, collaborative environment.
- Must to identify cyber security threats and perform analysis based on threat vectors and identified vulnerabilities and build solutions to reduce the risk level.
- Must possess the skills to perform research independently, identify pertinent information for evaluation, and develop potential solutions and alternate courses of action.
- Familiar with automated vulnerability scanning assessment tools and their operation to produce security artifacts
- Must possess the skills to automate solutions using various scripting tools
- Analyze system security architectures and make recommendations for security design and requirements.
- Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
- Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
EXPERIENCE & EDUCATION
- 6 years experience in information technology or related field within the last 10 years OR 8 years experience in information technology or related field within the last 10 years.
- 5+ years of experience with managing security controls, to include defining policies and administering devices such as Cisco and Palo Alto Networks firewalls, IDS/IPS platforms, Cisco ISE, DLP devices, e-mail/web filtering solutions
- 6 + years of technical experience working with security solutions and conducting security operations
- 6+ years of network security experience and reviewing security tools and solutions and making recommendations on utilization and strategy
- 6 + years of experience with network protocols, data flows and attacks within an IP environment
- 5+ years of experience in building configurations for security devices and building an automated process to support large-scale deployment
- Extensive knowledge and experience with security software, firewalls, intrusion detection systems and other security systems and network monitoring.
- Extensive hands-on technical knowledge of network systems, protocols, and standards such as Ethernet, LAN, WAN and TCP/IP.
- Experience as a security specialist in a regulated IT environment including some combination of SOX, GLBA, PCI and responsible for compliance and coordinating audits (1+ years)
- 3+ years of experience with commercial and open source security applications and technologies (e.g. malware prevention, DLP, IDS/IDP, cryptography, and penetration testing), as well as related protocols and tools (e.g. SSH, SSL/TLS, snort, port scanners, rootkit detectors, etc.)
- 2+ years programming/scripting experience – one or more of: Perl, Python, shell 10+ years Cisco – firewall, switching, and routing.
- 7+ years Palo Alto Networks and Cisco firewalls.
- 5+ Bluecoat Proxy (or similar.)
- 5+ years SIEM and Cisco ISE
- 5+ F5 Web Application Firewalls
- 1+ years SOAR Plus: Cloud (AWS, Azure) Cyber Forensics HSM SDN (ACI, Open flow) Linux/Unix Scripting (Python, Perl, Bash)
ABOUT BRIDGEVIEW IT
Do you remember when the first YouTube video was uploaded in 2005? We don’t, because we were too busy creating the best technology placement firm in the country. Back then, we saw how extreme the demand was for technologists. Companies needed help finding them, and technologists needed help sifting through the noise. That’s our specialty.
You have a valuable set of skills, and it’s our job to make sure you get connected with the roles, companies, and career paths that help you realize your full potential. We don’t just forward you random job descriptions; we build a real relationship to get you wherever it is you want to go. We might be based in Denver, clearly the best city on earth, but we are connected to opportunities across America that will both challenge and fulfill you.
Let’s do this. Apply for the above role, or sign up for our job alerts.
STUFF OUR LAWYERS WANT US TO SAY
We are unable to sponsor H1B candidates at this time. Those authorized to work in the US without restriction are encouraged to apply. BridgeView IT is an equal opportunity employer.