Job description
Duties

• Develop strategy for the mitigation of risks of a high availability service-provider environment Manage and support a reoccurring on-call schedule.
• Design, build, install and configure security solutions in a network, physical, cloud and virtual environment.
• Administrate and automate security information events from web hosting infrastructure, including firewalls, load balancers, web servers, middleware, and applications.
• Develop, prepare, coordinate, and execute security response control to correct issues, minimize exposure, reduce impact and enhance security.
• Advise management on tactical and strategic operational improvements to enhance security capabilities and lower costs of delivery.
• Provide and oversee the development of written status reports to management.
• Sustain, maintain and further develop security controls for both agile and waterfall deployments including traditional infrastructure and continuous deployment methods for a dynamic, high-capacity, multi-tiered multimedia infrastructure stack.

Qualifications Required/Essential:

• Bachelor's degree in Computer Science or related field.
• Strong security-related experiences working as a security professional or a systems engineer with significant security responsibilities.
• Experience in a high traffic, public facing production environment.
• 5+ years of experience working predominantly in security desired with at least 3+ years working a high traffic, public facing production environment preferred.
• Experience with CentOS and/or Redhat and Windows, including patch management, security hardening, and third party control solutions.
• Solid knowledge of Layer 3 and Layer 7 defense. Experience with Akamai Kona, Akamai Prolexic, Cloudflare, or another layer 7 WAF required.
• Experience securing a JAVA web stack based on with Apache HTTP/Tomcat Web Servers and IIS.
• Experience with IPSec VPN, SSL (HTTPS/FTP over SSL, etc.), MFA/2FA and PKI.
• Experience working with endpoint security solutions.
• Proficient understanding of modern networking and cloud connectivity.
• Experience collaborating on firewall policy and both common internet services and risky protocols.
• Understanding of automation tools such as ansible, puppet, chef and/or other automation tools.
• Must be a self-starter with excellent logical and analytical skills with a focus on delivering complete, timely and efficient solutions/resolutions.
• Familiarity with system architecture principles.
• Excellent communication skills; must be able to articulate strategic concepts along with supporting execution tactics.
• Desired experience implementing or supporting some or all of the following: ISO 2700x, NIST CSF, SOC2, SOX, and PCI compliance.

Desired/Preferred

• 5 or more years experience working as a security professional.
• 3 or more years experience working in a high traffic, public facing production environment.
• CISSP, OSCP or similar certification, preferred.
• AWS Engineering Experience, preferred. Google Cloud & Azure, a plus.
• Strong Penetration Testing Skills required.