Senior Security Engineer

Job Description:

Senior Security Engineer Summary:

Signature Consultants is seeking a Senior Security Engineer for an opportunity in St. Louis, MO. The Senior Security Engineer will manage a variety of technical security auditing capabilities, including a holistic auditing approach of applications, databases, servers, networking devices, and software. He or she will be responsible for demonstrating skills in assessing IT process and technology risks, identifying and evaluating the design of IT controls, designing, executing and documenting IT audit tests, and making initial determination of reportable issues. Assist with HIPAA / HITECH assessments, and data breach preparedness. Will work in close coordination with team members and other business owner’s partners to carry our customer requirements.

Responsibilities:

• Design, build, implement and monitor a holistic audit program across the enterprise
• Develop understanding of appropriate business aspects, IT risks, IT control requirements, processes and systems under review
• Perform process and technology risk analysis with a cybersecurity mindset and focus, prepare process maps and flowcharts, prepare effective and efficient compliance and substantive technical approach; and execute in depth IT audit review
• Perform assessment of IT process and security controls within information systems environment
• Evaluate test results: accurately identify symptoms, root cause, problems, identify alternative controls and develop recommendations
• Perform audit reviews of technology such as applications, databases, servers, networking devices (i.e., firewalls and routers), and security tools such as IDS/IPS, anti-malware, and authentication systems (e.g., Active Directory)
• Perform technology assessments in a wide variety of business environments, including: Information Technology Operational and Cyber Security Assessments in accordance with industry frameworks, such as COBIT 5, ISO 27001, ISO 27005, and NIST SP 800-30 and Cybersecurity Framework, HIPAA Security Rule and HITECH Act Compliance, and Cloud Security Compliance
• Assist clients with the performance of Business Impact Analyses (BIAs) along with the development of business continuity and disaster recovery plans (BCPs and DRPs)
• Assist organizations with all aspects of data breach and information security Incident Response preparation and management
• Perform Service Organization Control Examinations in accordance with AICPA requirements (SOC 1 SSAE 16, SOC 2 AT 101, SOC 3 AT 101)
• Provide data classification services
• Develop information technology and security policies and procedures
• Provide trusted advisory services and guidance to clients that will reduce organizational risk and improve their overall cyber security posture
• Prepare reports and other deliverables that contain strategy, technical analysis, and findings in connection with our advisory and assessment engagements and communicate those results to client management

Qualifications:

• Excellent technical and interpersonal skills required
• Experience with Qualys / Nessus Vulnerability scanning tools
• Cloud Experience a plus
• Minimum of 5 of experience with Enterprise Network, DMZ, and Security infrastructure, including design, implementation, and ongoing management and troubleshooting required
• Minimum of 5 years’ experience in designing, developing, implementing, and managing solutions across cybersecurity domains (Cyber Defense, Threat and Vulnerability Management. Advanced Security Analytics, Data Security, Identity Management, Security Operations and Managed Security Services etc.)
• Three years or more of professional experience or job-related experience in Information Security, or Information Technology
• Extensive knowledge and skill of IT analysis which includes expertise in analyzing confidentiality, integrity, availability of complex IT systems
• Familiarity with Secure Software Development practices
• Hands On experience with various programming languages or scripting languages and tools.
• Effective oral and written communication skills
• Strong interpersonal skills and demonstrable leadership ability
• Certifications in one or more of the following: CISSP, CWSP, CCNP, ACE, CCNP Security, Security+, or related
• Familiarity with various operating system platforms (Linux, Windows) and databases security best practices for each
• Strong analytical and problem-solving ability
• Ability to work independently

About Signature Consultants, LLC

Headquartered in Fort Lauderdale, Florida, Signature Consultants was established in 1997 with a singular focus: to provide clients and consultants with superior staffing solutions. For the eighth consecutive year, Signature was voted as one of the “Best Staffing Firms to Work For” and is now the 14th largest IT staffing firm in the United States (source: Staffing Industry Analysts). With 26 locations throughout North America, Signature annually deploys thousands of consultants to support, run, and manage their clients’ technology needs. Signature offers IT staffing, consulting, managed solutions, and direct placement services. For more information on the company, please visit www.sigconsult.com.