Bradley-Morris offers exclusive career opportunities to professionals with U.S. military experience only. To apply, if you have not already filled out a candidate application, start the process here: https://mapp.bradley-morris.com.
Senior Security Engineer
-You will administer, operate, and maintain the CyberArk, SIEM, and Nessus environment including installation, configuration, tuning, and maintenance of components
-Upgrade and patch CyberArk and other security platforms to the latest versions
-Develop processes and documentation to magnify the benefits of existing tools
-Perform security gap analysis in support of new products as well as the tuning of existing tools
-Work with internal customers to develop requirements to meet their security objectives related to Credential Management
-Create collaborative environment that encourages growth and information sharing including mentoring and educating team members
-Provide the highest level of support for the CyberArk environment
-Provide excellent customer service skills and client focus
-Previous experience or aptitude to be successful in an Administration and Operations capacity
-Ensure that new products and services are supported by the ISCC and that newly defined processes and procedures are trained and understood by the team
- Collaborate with customers to help identified risks and business security requirements for alerting
- Develops and maintains productive business partner and vendor relationships to ensure the convergence of business, technical and security requirements
- Assists business partners with the evaluation and communication of information security issues and development of business processes and technical solutions that reduce risk
- Partners with business leadership to develop budget projections based on short and long-term goals and objectives
- Provides support and guidance on legal and regulatory compliance efforts, including internal/external audit.
- Recommends and coordinates the implementation of administrative and technical controls to support and enforce defined security policies
- Supports operational risk management activities with risk evaluation and treatment recommendations
- Supports internal and external business partners through coordination, development, and execution of security related activities
- Supports the development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security
- Researches, evaluates, designs, recommends, and plans the implementation of information security technology and processes, and analyzes its impact on the existing environment
- Bachelor's Degree in Computer Science or a minimum of 5 years applicable experience in the IT development industry or equivalent experience and/or military experience
- 3+ years of Information Security experience
- 1+ years administrative experience deploying, configuring, troubleshooting, and maintaining CyberArk components
- 1+ years administrative experience deploying, configuring, troubleshooting, and maintaining SIEM and/or Nessus components
- Advanced knowledge of content creation concepts and best practices as well as networking experience
- Excellent problem-solving and technical skills
- Experience with any combination of the following: Syslog, TCP/IP, Networking, Linux/Unix, Windows, OSX, Active Directory, Event Analysis, NIST standards and guidelines, Database Activity Monitoring, MS SQL, Oracle, SAN architecture, firewalls, IPS/IDS, A/V, advanced networking
- Experience planning, scaling, implementing, monitoring, and troubleshooting a CyberArk environment
- Knowledge of core security principles and tool management that is product agnostic
- A clear understanding of Windows AD logs, SQL and Oracle events
High analytical skills:
- Must be able to perform analysis and tuning of all incoming security events for threat detection, and increase the efficiency of processing, maximize true threat identification, and ensure accurate reports for auditing.
- Ability to draw meaningful conclusions from reported events and implement appropriate reporting.
- Required to understand the business and technical requirements, architecture and design specifications and developing the associated content and documentation.