Security Engineer SOC (No C2C or Sponsorship) in Columbus, OH at Vaco

Date Posted: 2/15/2018

Job Description

Let Vaco advocate on your behalf! We place IT professionals in exciting roles with leading companies across the U.S. Our Recruiters are currently seeking a talented Security Engineer for a contract/contract to hire role. Apply with Vaco, and we will be your personal representative! We will promote your strengths and help prepare you for your interview by supplying you with key information about our client. Get the advantage over your competition through our direct access to HR departments and hiring managers.

The individual in this position will be the Security Engineer responsible for building and maintaining the company's Security Operations Center and Incident Response program. This is an individual contributor role, but it will influence and lead junior-level security engineers and analysts in monitoring and responding to all security-related incidents. This position will act as an advisor on security operations integrations to the company's associates, mainly the Brand Services IT teams. A thorough understanding of incident response situations and SOC functions, procedures, and policies is required.

  • Responsible for the building, deployment, and effectiveness of the security operations center and incident response program.
  • Drive the migration of existing run books and processes to the new SOC environment and processes.
  • Continuously improve and assist in the documentation of identified gaps in the existing incident response processes and procedures.
  • Work with Security leadership to develop SLAs for each incident response type.
  • Coordinate quarterly testing with the other security engineering teams to ensure maximum effectiveness in detection and response.
  • Work with IT leadership and business stakeholders to define metrics and reporting strategies that effectively communicate the successes and progress of the security program.
  • Oversee daily tasking for junior engineers and analysts.
  • Work with the SIEM owner to ensure the effectiveness and efficiency of the SOC on a continual basis.
  • Manage and escalate roadblocks that may jeopardize security monitoring operations, infrastructure, and SLAs.
  • Serve as the senior mentor to the SOC staff.
  • Serve as the focal technical lead on security events and incidents.
  • Investigate network intrusions and other cyber security incidents to determine the cause and extent of the breach. Includes the ability to perform host-based and network-based analysis across all major operating systems and network device platforms.
  • Summarize events and incidents effectively for different stakeholders such as legal counsel, executive management, and technical staff, in both written and verbal form.
  • Manage the chain of custody for all evidence collected during incidents and security investigations.

REQUIREMENTS

  • 10+ years of overall IT security experience.
  • 2+ years of experience leading teams utilizing a SIEM.
  • Bachelor's degree in a computer-related discipline, or 7 years' comparable work/military experience.
  • Technical industry certifications (CISSP, SANS, GCIA and/or GCIH).
  • Expert-level knowledge of incident response processes and procedures.
  • Applied knowledge and hands-on experience with common SIEM tools (Splunk, QRadar, LogRhythm).
  • Applied knowledge of common infrastructure architecture, including industry-standard ports and protocols.
  • Applied knowledge of how common ports and protocols are leveraged for attack purposes.
  • Experience with regulatory guidelines (PCI, SOX, HIPAA, etc.).
  • Advanced knowledge of the threat and vulnerability landscape.
  • Knowledge of application security testing (static, dynamic) and cloud security concepts.
  • Knowledge of security models and frameworks (SANS Top 20, FAIR, ISO 27002).
  • Ability to communicate and manage third-party service levels and ensure obligations are met.
  • An innate need to protect and serve against malicious operators trying to steal valuable data.
  • Operate as a change agent within the company and advocate for data protection.
  • Ability to work and communicate in a team environment using strong communication skills.
  • Ability to analyze and solve problems independently.
  • Strong leadership abilities, with the capability to develop and guide IT team members and to work with only minimal supervision.
  • A strong customer focus, with the ability to manage expectations appropriately, provide a superior customer/client experience, and build long-term relationships.
  • The ability to prioritize work efforts between operational tasks and strategic efforts.
  • Must possess an understanding of the retail industry.