Identifies areas for improvement to the cybersecurity posture, researches potential solutions, performs proofs of concept, and implements new products following industry best practices in order to ensure the confidentiality, integrity and availability of sensitive data.
- Research, recommend, implement and maintain cybersecurity solutions, including intrusion prevention systems, intrusion detection systems, web application firewalls, web filters, malware detection and analysis platforms, data loss prevention systems, file integrity monitors, log aggregators, and other cybersecurity platforms as required.
- Review existing and proposed architectures, identify security design gaps, and recommend changes or enhancements as needed.
- Analyze, select, and design implementation strategies for PKI encryption technologies and products.
- Ensure that security solutions are acquired, configured and implemented correctly.
- Monitor and maintain security systems for operational and performance issues, required patches, security vulnerabilities, and available upgrades.
- Develop and implement security solutions and capabilities for systems and network infrastructure and cybersecurity teams that are clearly aligned with business, technology, and threat drivers.
- Ensure that data is protected from unauthorized modification, destruction, and disclosure.
- Understand current and emerging security threats. Identify security architecture capabilities and design security architecture patterns to mitigate threats.
- Provide technical security expertise on projects for voice, video, and data systems.
- Test security controls and systems, including working with process owners to define remediation plans.
- Advocate and enforce cybersecurity best practices and share insights throughout the organization.
- Provide or conduct after-hours/on-call support, troubleshooting, and/or maintenance, as needed.
- Develop, maintain, test, and troubleshoot cloud and on-prem web application firewalls and rulesets.
Knowledge, Skills, and Abilities:
- Strong understanding of the risks associated with current and emerging technologies as well as the standards and controls being developed to mitigate those risks.
- Expert level understanding of Windows and Linux (Unix-based) operating systems.
- Knowledge of design principles for local area networks, switching and routing protocols, wireless technology, network testing tools, IP addressing and subnet schemes, and VOIP.
- Expert knowledge of cybersecurity principles and activities.
- Must have strong, demonstrable experience in Security engineering, design, and implementation.
- Ability to identify and recommend mitigations for vulnerabilities and exploits.
- Understanding of software and/or application lifecycle and the implementation of security principles throughout.
- Ability to self-learn new technologies.
- Ability to manage changing workloads while maintaining a sense of priorities and delivering quality service within required timeframes.
- Ability to translate technical information into business language.
- Demonstrated adaptability, analytical and problem-solving ability, and attention to detail.
- Ability to translate control requirements and recommendations into actionable improvements.
- Ability to work independently on initiatives with little oversight.
- A willingness to be challenged along with a strong appetite for learning.
- Work with development teams to troubleshoot WAF rulesets and applications’ interactions with them
- Strong systems engineering skills with an emphasis on network architecture
- Deploy, configure and maintain cloud native and on-premise web application firewalls including:
  - Logging of all WAF events
  - Responding to WAF events
  - Developing WAF incident response plans
  - Updating threat models based on WAF event patterns
- Mentor and provide guidance on WAF engineering to other engineers and leadership
- Understanding of PKI.
- Experience managing security infrastructure such as firewalls, IDS/IPS, WAF, RASP, endpoint protection, SIEM and log management technologies.
- Experience developing, maintaining, enhancing or selecting WAF rulesets
- 4+ years of experience working with secure design and implementation with concentration on at least 5 of the below:
- Network infrastructure (firewalls, switches, routers, wireless access points)
- Security Infrastructure (IPS, IDS, WAF, RASP, NAC, FIM, DLP, etc.)
- Operating systems (Windows, Linux)
- Database Security (MS SQL, Oracle, etc.)
- Identity and Access Management
- Single Sign-on
- Active Directory security configuration and design
- Active Directory Federated Services
- Wireless network security
- Automation and coding experience (PowerShell, BASH, Python, etc.)
- Experience with cloud-based WAF
- Experience detecting and analyzing security events and/or responding to security incidents.
- Experience leading high-profile security projects.
- Bachelor’s degree in Information Systems, Computer Science, Computer Engineering, or a related field, or equivalent work experience.
- 3+ years of experience developing, maintaining, and reverse engineering scripts and utilities written in interpreted languages such as shell scripts and Windows PowerShell.
- Previous system administration experience.
- Previous web application programming experience
- Experience with on-prem WAF solutions
- Experience working with cybersecurity compliance requirements such as PCI, SOX, FedRAMP, HIPAA, CJIS, etc.
- Verifiable cybersecurity certification required. May include CISSP, CASP, OSCP, CEH, CISA, CISM, and GSEC.
Standing, sitting, walking, speaking, listening, bending, reaching, pushing, pulling, lifting, grasping and manipulating tools, typing, using peripheral computer tools. May be required to lift up to 40 pounds.
The Company’s policy is to provide equal employment opportunity to all individuals in all of its employment programs and decisions. Securus Technologies, Inc., and its Subsidiaries will not discriminate against any associate or qualified job applicant with respect to any terms, privileges, or conditions of employment because of that person’s race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic or status protected under local, state or federal law, ordinance or regulation.