Info Security Engineer-Perimeter Security Ops Sr. Manager

Pwc Washington , DC 20319

Posted 2 months ago

A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You'll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets.

To really stand out and make us ?t for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. As a Senior Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: - Take action to ensure everyone has a voice, inviting opinion from all.

  • Establish the root causes of issues and tackle them, rather than just the symptoms.

  • Initiate open and honest coaching conversations at all levels.

  • Move easily between big picture thinking and managing relevant detail.

  • Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.

  • Develop specialised expertise in one or more areas.

  • Advise stakeholders on relevant technical issues for their business area.

  • Navigate the complexities of global teams and engagements.

  • Build trust with teams and stakeholders through open and honest conversation.

  • Uphold the firm's code of ethics and business conduct.

Team focuses on operational engineering activities across the suite of security tools managed in the NIS central service environment. The core areas of focus for Perimeter Security are Firewalls (Cloud, Physical, Virtual, WAF), Proxies, IPS, and VPN. This includes but is not limited to Major Incident Response and Resolution, Tuning and maintaining solutions, providing mentoring to junior staff, improving security posture, operational projects, and overall operational process improvement.

Job Requirements and Preferences:

Basic Qualifications:

Minimum Degree Required:

High School Diploma

Minimum Years of Experience:
6 year(s) involving information security and /or engineering experience in large enterprise environments.

Preferred Qualifications:

Degree Preferred:

Bachelor Degree

Certification(s) Preferred:

CCNP, CISSP, PCNSE

Preferred Knowledge/Skills:

Demonstrates intimate level abilities and/or proven record of success as a team leader in the following areas:

  • Troubleshooting and resolution of complex network security incidents, to include packet capture and analysis, log review, and critical thinking;

  • Building/deploying/configuring/managing firewalls in an enterprise level environment with 50+ firewalls;

  • Demonstrating experience in networking and firewalls;

  • Possessing specialist level experience with Palo Alto administration as well as the design and implementation of industry leading practices;

  • Solving complex technical problems through engineering, including requirements analysis, design, development, implementation and testing;

  • Possessing stakeholder management skills and the ability to set expectations and respond to business needs in a complex high-pressure environment;

  • Demonstrating Security Risk Assessment for firewall rule implementations;

  • Possessing knowledge of Azure NSG, Load Balancer, UDR configuration and troubleshooting;

  • Understanding of knowledge management and training for L2/L3 firewall consultants;

  • Managing Documentation for perimeter security environments;

  • Developing global standards for Palo Alto technologies;

  • Understanding security technology operational industry standards;

  • Contributing to a central technology service organization;

  • Navigating a matrix organization and collaborating with multiple stakeholders across functional and technical skill sets;

  • Leveraging facts and data when approaching problems and considering both the customer's perspective as well as the enterprise's perspective while focusing on overarching goals and objectives;

  • Exhibiting capabilities to multitask, performing and delivering results as both part of a team and independently;

  • Demonstrating relationship and team building skills that foster an inclusive and collaborative environment for stakeholders and team members; and,

  • Collaborating with design and build engineering teams to establish maximum capability of security solutions are achieved in the run state.

All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.

For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information System Security Engineer (Isse)

Solutions By Design II, LLC

Posted Yesterday

VIEW JOBS 11/21/2019 12:00:00 AM 2020-02-19T00:00 The <strong>Information System Security Engineer (ISSE) </strong>will join our team of Cross Functional Cyber Security specialists providing RMF, Security Authorization, Controls Assessment, Change Management, Continuous Monitoring, Vulnerability Management and Incident Response for our federal client.  The ISSE will work alongside individuals of varying specialties in Security Engineering, Compliance, and Analysis. <br />  <br /> The ideal candidate for this role will have knowledge in Cyber Compliance with NIST 800-53, 800-37, 800-66, and 800-171 and FIPS 199, with additional hands-on experience in Cloud Security with platforms such as AWS, Google Cloud, Azure, etc., and is well-versed in the architecture and design of the respective cloud including associated services, how the cloud interconnects with agencies, and, specifically, how to conduct business within the cloud environment in a secure manner.  This person will support the security engineering activities associated with evaluating, implementing, managing security practices and continued operations of new and existing technologies across the Enterprise. Prior experience or knowledge with Cyber Security Compliance (DHS 4300A, DHS ISSO Guide, FIPS199) is desired.  <br />  <br /> <strong>Responsibilities Include:</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;"><strong>Cloud Security Activities: </strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Provide technical support for enterprise infrastructure components (network, database, middleware, security and open source code) technology transitions and migrations to cloud services; e.g. Platform as a Service (PaaS), Infrastructure as a Service (IaaS), etc.</li> </ul> </li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;"><strong>Risk Management Framework (RMF) Activities:</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Support all activities as outlined in the NIST SP 800-37, Risk Management Framework for Information Systems and Organizations. This includes the process for managing security and privacy risk that includes information security categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring.</li> </ul> </li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;"><strong>Security Control Assessment Response:</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Support all assessment activities by responding to interview questions as well as working with the system teams to gather appropriate evidence as directed by the SCA team.</li> </ul> </li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;"><strong>Configuration/Patch/Vulnerability Management:</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Review scan results for the system assets, identify the respective remediation for misconfigurations and weaknesses, and work with the system team to ensure timely implementation of fix.</li> </ul> </li> </ul> <strong>Additional Requirements and Responsibilities:</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Must be a US Citizen able to obtain a federal clearance</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Must be located in the Washington, DC metro area and be able to commute to the customer site in Washington, DC as needed (some remote work is acceptable)</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Must have and maintain at least one active certification such as CASP, GSEC, GSLC, CISSP, CEH, CISM, and CISA, or other comparable certification which must be approved in advance by the Government PM (on a case-by-case basis)</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">5+ years of experience either in managing IT projects and programs, or specialized experience in one of the below positions: Information Systems Security Officer, Information Systems Security Engineer, Information Systems Security Auditor or Information Systems Security Manager</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">5+ years of experience in security engineering or security operations</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Cloud Security experience in at least one of the following platforms: AWS, Google Cloud, Azure</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Demonstrated proficiency in vast array of Cyber Security platforms: Standard Application Online (SAO), Security Information and Event Management (SIEM), Intrusion Detection System (IDS)/Intrusion Protection System (IPS), Data Loss Prevention (DLP), Web Application Firewalls (WAF), Threat Intel, Endpoint Security</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">5+ years of experience with analyzing, assessing and implementing corrective actions based on vulnerability management tools</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Experience in security process mapping, security process analysis, security process improvement concepts, models, and best practices</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Experience preparing documentation and materials to support the operations of FedRAMP compliance requirements throughout the organization</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Experience working in an Agile environment and provide quality, professional deliverables in a short timeframe with little to no guidance from the Government</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Experience providing technical security solutions and control implementation recommendations to the Agile Development teams based on industry best practice and Federal requirements</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Experience supporting multiple high-volume project assignments</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Conduct Risk Analysis on vendors, cloud service providers, etc. as necessary to identify flaws, threats and risks in emerging IT projects, and develop technical in-depth engineering solutions to address and mitigate these risks</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Excellent customer service, analytical, problem solving, team-building, and interpersonal skills</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Ability to work independently and function as an integral part of the team</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Excellent oral and written communication skills; technical and business focused, with the ability to document and describe security process information collected</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Listening skills, the ability to detect explicit and implicit needs and wants</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Advanced Microsoft Excel and Access skills to perform extensive data mining, correlation, and reporting</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Experience working with or knowledge of NIST SP 800-53, RMF, FISMA, DHS and DoD policies</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Listening skills, the ability to detect explicit and implicit needs and wants</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Ability to work independently and function as an integral part of the team</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Strong analytical and problem-solving skills</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Demonstrated interviewing and negotiation skills applicable to identifying, defining, and evaluating requirements</li> </ul> <strong>Desired Skills, Knowledge, and Responsibilities:</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;"><strong>Security Authorization Documentation: </strong>Experience with or Understanding of the FIPS 199, e-Authentication, Privacy Threshold Analysis (PTA)/Privacy Impact Analysis (PIA), Security Plan (SP), Contingency Plan (CP), and Contingency Plan Test (CPT), Interconnection Security Agreement (ISAs) and Memorandum of Agreement/Understanding (MOA/Us) and any other FISMA-related security documentation.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;"><strong>Change Management: </strong>Experience reviewing change requests for potential impact to the system security posture.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;"><strong>Continuous Monitoring: </strong>Experience conducting audit log and account management reviews and update the Control Allocation Table and Trigger Accountability Log.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;"><strong>Incident Response: </strong>Experience working with Security Operations Center (SOC) and system teams to investigate and analyze any incidents affecting assigned system(s).</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Ability to work on high priority ad hoc requests such as data calls, Senior Management Initiatives (CIO, CISO, etc.), customer mandates, etc.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Deep understanding of Security Regulations, such as the NIST Publications and OMB Security related documents</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Develop briefings and presentations for Government PM and Executive Management</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Support all Security Authorization Processes, Security Control Assessments and Ongoing Authorization activities as required and as directed by the Federal Government</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Ensure systems are properly patched and hardened according to DHS requirements</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Conduct research and analysis on abnormalities and provide recommendations</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Provide, prepare, and conduct security training, as needed</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Apply and analyze privacy laws, administrative laws, regulations and policies surrounding the Privacy Act of 1974, the E-Government Act of 2002, or the Homeland Security Act of 2002</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Experience with controls standards such as NIST 800-53, 800-37, 800-66, and 800-171 as well as other privacy regulations</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Support security and privacy requirements for internal and external system connections</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Support proposed collection, sharing, and maintenance of PII through privacy compliance documentation</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Perform comprehensive document reviews (DR) on all risk management and security operations documentation, in alignment with DHS, USCIS and FISMA requirements</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Conduct quality assurance checks to ensure that the finished documentation meets DHS, USCIS, and FISMA requirements</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Implement a two (2) day turn around for the following artifacts: FIPS 199, E-Authentication Workbook, PTA, PIA, CP, CPT and a five (5) day turn around for the review of the Security Plan (SP).</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Establish a mailbox and report tracking mechanism to ensure that the federal staff knows the status of all documents that are in the review process at all times by running a simple report.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Revise, edit, or update security authorization documentation and presentations</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Create, adapt, and follow project schedules and deadlines</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Develop a thorough understanding of the audience and the documentation required by meeting with colleagues, and working with managers to discuss technical problems</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Research and build knowledge about products, services, technology, or concepts</li> </ul> Solutions By Design II, LLC Washington DC

Info Security Engineer-Perimeter Security Ops Sr. Manager

Pwc