Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Senior Security Engineer

Expired Job

Risk Management Solutions Boston , MA 02298

Posted 3 months ago

Senior Security EngineerKey Responsibilities:

The Senior Security Engineer will be responsible for

  • Ensuring applications, networks, systems and cloud services are planned, designed, developed, implemented, and monitored in accordance with security controls related to SOC 2, ISO 27001 and the RMS Information Security Policy

  • Developing, implementing and monitoring enterprise information security architectures and solutions for on-premise and Azure hosted infrastructure for both corporate and customer environments

  • Analyzing infrastructure, networking, and system design from a security perspective and providing recommendations and approvals for implementation decisions

  • Analyzing network traffic patterns, system logs, SIEM and endpoint security tools for unusual or suspicious activity

  • Defining, implementing and executing incident response playbooks in conjunction with the Security Operations Center

  • Working closely with the Security Operations Center to develop new data feeds and services for continuous monitoring and detection capabilities, including the writing of data parsers, installation of data connectors and log collectors, and tuning and aggregating multiple security alerting sources

  • Reviewing firewall policy rules and performing security risk assessments and approvals for network and system configuration changes

  • Assisting in the development and automation of threat management, vulnerability management, and incident management processes

  • Working closely with cross-functional teams to embed security, logging, auditing, and support for all corporate and cloud operations

  • Performing assessments of security tools, vendors, and solutions to support information security roadmap initiatives

Qualifications

  • Minimum 7+ years of experience in Information Security with an emphasis on network and system security

  • At least one security-related certification, such as CISSP, GIAC, CompTIA Security+, required. CISSP strongly preferred.

  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud-based environment

  • Experience in DevOps environments and maintaining security in CI/CD processes highly desired

  • Solid understanding of Microsoft Azure architecture and services

  • Detailed understanding of Microsoft Office 365 application security, especially related to email and One Drive

  • Deep understanding of VPN, PKI, IPAM and MFA technologies required

  • Demonstrated proficiency in system hardening techniques for Microsoft Windows, Linux, and Mac OSX

  • Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 270001 and SOC 2

  • Hands-on technical proficiency with IDS/IPS and SIEM tools. IBM QRadar, Splunk, and Graylog expertise highly preferred.

  • In-Depth knowledge of TCP/IP addressing and standards including network design, firewall configuration, load balancing, remote access, strong authentication, vulnerability scanning, VPN and DMZ management

  • Proven ability to manage priorities & deadlines and to work independently in a highly dynamic and diverse environment with multiple concurrent projects happening simultaneously.

  • Experience in creating detailed solution design documents & diagrams

  • Demonstrated experience in investigating security issues related to the Internet, server, desktop, laptop, tablet and other mobile device security issues; OS patching, hardening and anti-virus

  • Demonstrated ability to facilitate automation and integration through scripting in Powershell, Python, Perl, etc, highly preferred.

About RMS:

There's a 5% chance that a hurricane will cause $60 billion of insured losses next year and a 1% chance an earthquake will cause $50 billion of insured loss in the next 12 months. At RMS, we build the simulation models that allow insurers and investors to understand portfolio risks due to catastrophes: natural catastrophes (hurricane, earthquake, flood), terrorism, pandemic, and changes in life expectancy.

We are one of the most exciting companies you've probably 'never' heard of, unless you're one of our hundreds of clients in the (re)insurance, banking or hedge fund sector. We lead an industry we helped pioneer and ultimately our work makes a true impact on the world at large. How we understand and manage risk affects everybody and our passion is nothing less than creating a more resilient world through a better understanding of catastrophic events.

We are evolving our vision by delivering future solutions in the cloud, our cutting-edge risk management platform 'RMS(one)' for the global risk market. RMS(one) will create a holistic and integrated view across the enterprise with one platform for all models, all points of view, and all data. All will be run as equal partners on RMS(one).

RMS has 1,200 employees in 11 countries, including offices in Newark (CA-USA), Noida (India), London (UK), Hoboken (NJ-USA), and Zurich (Switzerland).

To find out more, visit www.rms.com or follow us on Facebook, LinkedIn or @rmsjobs on Twitter.

RMS is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity without regard to race, color, creed, gender, religion, marital status, registered domestic partner status, age, national origin or ancestry, physical or mental disability, genetic characteristics, sexual orientation, or any other classification protected by applicable local, state, or federal law.

RMS is enrolled in E-Verify and will be participating in E-Verify in addition to our Form I-9 process. www.dhs.gov/E-Verify.

To all recruitment agencies: RMS does not accept unsolicited agency resumes and will not responsible for the payment of placement fees related to unsolicited resumes submitted to open positions, job aliases, or to our employees.


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Security Engineer

Ezcater

Posted 1 week ago

VIEW JOBS 11/8/2018 12:00:00 AM 2019-02-06T00:00 In 2007, two software engineers and serial entrepreneurs founded a technology company, ezCater. Today, ezCater is the only nationwide online marketplace for business catering in the United States a $23.9 billion market. Our 3M+ on-time ratings and reviews, our 60K+ caterers and restaurants, and our 5-star customer service make it superbly easy for business people to find and order great food for their meetings and events. We're backed by Insight Venture Partners, Iconiq Capital, and Wellington Management, we're on a path to $1B in 2019, and we'll get there - even more surely if you come help us. ezCater is looking for a Security Engineer who will be responsible for actively supporting the availability, integrity, and confidentiality of ezCater information assets. The Security Engineer will participate in a broad range of technical security engineering, tasks in support of the security program at ezCater. This role would serve as the foundation to the SOE/SOC team by facilitating all inbound/outbound security alerts. We're seeking someone with the passion to get things done and the experience to help us do things more effectively. ezCater values technology as a differentiator and a key component of our success. It powers everything we do. We push ourselves every day to better the codebase, improve performance, and deliver an amazing customer experience. Check out this CBS Boston article for a glimpse into our culture. You will: * Be responsible for the collection, analysis, and dissemination of cyber threat intelligence. These capabilities will include timely collection of advanced warning of impending IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and operational support of the incident response process. * Define, deliver and sustain the enterprise management strategy and solutions from a governance, process, discipline and technology standpoint, to support the global and enterprise environments covering threat/vulnerability management. * Be responsible for evaluating, testing, recommending, developing, coordinating, monitoring and maintaining information security for operating systems, user authentication, and applications; driving strategic security architecture. * Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information, and create intelligence products for other teams to consume. * Identify appropriate platform and application logging and triggers at design phase to support advanced fraud and cyber detection use cases. * Maintain an understanding of attacks, vectors and emergent threats. Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary. Mentor and educate teams with expert knowledge of information security event management, security forensics, network access controls and perimeter security, operations, implementations of new technologies. * Review/troubleshoot miscellaneous issues users may encounter to systems applications. * Review and implement policies and procedures regarding security access as problems are identified, received, documented, distributed and corrected. * Learn in a dynamic fast paced business environment. This includes new hardware, software, business processes, acquisitions, etc. You have: * A minimum of 8 years security or related experience * CISSP, Sans or an equivalent security certification * Solid understandings of security on networks, hardening, patch management, pentesting, vulnerability testing, open systems, applications, and web and public facing systems. * Solid understanding of networking concepts * Linux system administration experience * Experience with security related technical tools (Palo Alto, Tripwire, Splunk, ELK) and processes is required. * Working knowledge of SOX, PCI, COBIT and ISO 27000. What you'll get from us: Importantly, you'll get sane working hours and a huge amount of flexibility around work/life balance. Have people in your life – of any age – who always, often, or sometimes need your help? We make room for that. Have a bad thing or a good thing happen to you? We make room for that, too. Oh, and here's what else you'll get: Market salary, stock options you'll help make worth a lot, the usual holidays, all-you-can-eat vacation, 401K, health/dental/FSA, long-term disability insurance, subsidized T-passes, a great office smack-dab in Boston's Downtown Crossing, a tremendous amount of responsibility and autonomy, wicked awesome co-workers, cupcakes (and many more goodies), and knowing that you helped get this rocket ship to the moon. ezCater is an equal opportunity employer. We embrace humans of every background, appearance, race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, and disability status. At the same time, we do not employ jerks, even brilliant ones. Ezcater Boston MA

Senior Security Engineer

Expired Job

Risk Management Solutions