04 Feb
Information Security Engineer
Vacancy expired!
- Install and configure new computer security packages;
- Install, update and configure security devices and other hardware used in the protection of EPRI computing environment;
- Assist the management of Information Security in technical support issues, investigations and risk assessment;
- Troubleshoot and resolve security related computer or network problems;
- Respond to end users’ requests involving security related computing or networking problems;
- Consult with end users regarding their secure computing needs, making recommendations for new products and solutions;
- Assist other technical resources as needed within Information Technology Services and resources across the sectors at EPRI to ensure security is factored into the evaluation, selection, installation and configuration of hardware and software solutions;
- Self-development on new and emerging security risks and technologies that affect EPRI's computing environment;
- Assist in the research, design, and implementation of new security architectures;
- Co-ordinate with peers at EPRI on the development of new security solutions and on incident response;
- Mobile device security support;
- Perform vulnerability assessments against systems and networks managed by, or related to, EPRI;
- Review applications in accordance with ASVS L2B;
- Identify, analyze and make recommendations to improve security and reduce system problems relating to access, applications, programs and functions;
- Monitor systems, including LAN, WAN, external access (i.e., VPN, firewalls) and data security infrastructure by examining alerts and logs for anomalous events;
- Follow defined change management process as appropriate;
- Investigate real or potential incidents of security violations and data corruption or loss and promptly report findings to manager for direction.
- Associate's degree or equivalent experience desired.
- 2-4 years of experience in desired fields (information security, computers, telecom, networking, etc.).
- Strong knowledge of the Windows operating systems (Workstation & Server).
- Strong knowledge of other OSs (Apple, UNIX, Linux).
- Working knowledge of various security tools supporting end point protection, vulnerability management, and others.
- Working knowledge of SIEM and SOC operations.
- Working knowledge of forensic toolkits and virus/malware response.
- Working knowledge of at least one of the following scripting/programming languages: a) Python, b) Perl, c) Linux/Unix Shell script, d) Java, e) PowerShell.
- Strong knowledge of TCP/IP, IP routing, and related Internet and network protocols.
- Strong knowledge of firewalls, IPS, IDS, HIPS, VPN, TLS/SSL, terminal servers, RAS, DNS and other systems that are or should be in-scope.
- Knowledge of various devices, including servers and network switches and routers.
- Expert knowledge of browsers and exploit methods
- Motivated self-starter
- Committed to continuous education through formal and informal professional development
- Operates with discretion and confidentiality as appropriate
- Strong written and verbal communication
- Functions well in a team environment