26.01.2015 - Security Engineer
Location: London, England, United Kingdom
Additional Location(s) or Information:
Job Category: Information Technology
Level of Experience: Experienced - Non Manager
As a Senior Security Engineer you are part of a team that is responsible for ensuring the operational security of our Cloud Web Security product. The team is responsible for maintaining security systems, administering security policies, investigating and recommending security technologies and performing security investigations. In your role, as a Security Engineer, you address the most complex issues and develop recommendations and plans to resolve them. This is a challenging position working in a fast paced environment, with the opportunity to utilize your experience as a subject matter expert to positively influence not only the team objectives, but the business units as well.
• Responsible for identifying security related gaps/deficiencies and to formulate and present sound recommendations for remediation.
• Perform security audits of infrastructure systems security, maintain compliance against vulnerability assessments and oversee penetration testing
• Provide technology solutions input and recommendations to address technology issues, working closely with our architects and SME’s
• Help define overall security strategy, policy and procedure.
• Perform forensics research and provide incidence response.
• Providing customers and management with Root Cause Analysis (RCA) and project feedback.
• Troubleshoot escalated, extended, or recurring issues.
• Evaluate the impact of current security advisories and publications.
• Support fellow Cisco employees with security advice and guidance.
• Responsible for security standards, documentation, and new feature testing for a global network and Data Center infrastructure.
• Provide mentorship and training of other associates at the same level or below on processes and tools.
• Recommend process improvements and educational programs/trainings.
• Proactively monitor log files and incoming alerts.
• Regularly author troubleshooting guides, acceptance procedures, and upgrade procedures.
Required Skills and Experience
• A minimum of 5 years of related experience is required.
• Related technology degree or Masters
• Certifications in CISSP, CCSP, CISA, GSEC, CCIE, CCNP, or others are preferred.
• Demonstrated knowledge of security standards, procedures and policies pertaining to data access and information systems (ISO, SSAE, PCI etc).
• Demonstrated working knowledge and proficiency in networking, operating systems, databases, protocols, security technologies, and risk assessment.
• Must have strong incident handling experience including knowledge of common probing and attack methods, network/service discovery, system auditing, viruses, and worms.
• Expertise in network and system based attacks and mitigation.
• Expertise in network-related protocols (e.g., TCP/IP, IPsec, 802.1x) strongly preferred.
• Knowledge of operating system internals and interfaces/protocols.
• Network security engineering design
• Excellent verbal, written and communication skills
Desired Skills and Experience
• Desired scripting skills (e.g., Python, Ruby, Perl, shell).
• Certified Ethical Hacker
• Demonstrated penetration testing methods