Security Engineer - Contract-to-hire with retailer - Etna, OH in Columbus, OH at Vaco

Date Posted: 2/8/2018

Job Description


building, deployment, and effectiveness of the end-client's security operations center and incident response program.
* Drive the migration of existing run books and processes to the new SOC environment and processes.
* Continuously improve and assist in the documentation of identified gaps in the existing incident response processes and procedures.
* Work with Security leadership to develop SLAs for each incident response type.
* Coordinate quarterly testing with the other security engineering teams to ensure maximum effectiveness in detection and response.
* Work with IT leadership and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
* Oversee daily tasking for junior engineers and analysts.
* Work with the SIEM owner to ensure the effectiveness and efficiency of the SOC on a continual basis.
* Manage and escalate roadblocks that may jeopardize security monitoring operations, infrastructure, and SLAs.
* Serve as the senior mentor to the SOC staff.
* Serve as the focal technical lead on incident events and incidents.
* Investigate network intrusions and other cyber security incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis across all major operating systems and network device platforms.
* Summarize events/incidents effectively to different stakeholders such as legal counsel, executive management and technical staff, both in written and verbal forms.
* Manage the chain of custody for all evidence collected during incidents and security investigations.


* 10+ years of overall IT security experience.
* 2+ years of experience leading teams utilizing a SIEM.
* Bachelor's degree in a computer related discipline, or 7 years' comparable work/military experience.
* Technical industry certifications (CISSP, SANS, GCIA and/or GCIH).
* Expert level knowledge regarding incident response processes and procedures.
* Applied knowledge and hands on experience of common SIEM tools (Splunk, QRadar, LogRhythm).
* Applied knowledge of common infrastructure architecture, including industry standard ports and protocols.
* Applied knowledge of common ports and protocols being leveraged for attack purposes.
* Experience with regulatory guidelines (PCI, SOX, HIPAA, etc.).
* Advanced knowledge of threat and vulnerability landscape.
* Knowledge of application security testing (static, dynamic) and cloud security concepts.
* Knowledge of security models and frameworks (SANS Top 20, FAIR, ISO 27002).
* Ability to communicate with 3rd-party providers and ensure that their service levels and obligations are met.
* An innate need to protect and serve against malicious operators trying to steal valuable data.
* Operate as a change-agent within the end-client and advocate for data protection.
* Ability to work and communicate in a team environment using strong communication skills.
* Ability to analyze and solve problems independently.
* Strong leadership abilities, with the capability to develop and guide IT team members and to work with only minimal supervision.
* A strong customer focus, with the ability to manage expectations appropriately, provide a superior customer/client experience, and build long-term relationships.
* The ability to prioritize work efforts between operational tasks and strategic efforts.
* Must possess an understanding of the retail industry.