Senior Security Engineer

Senior Security Engineer

Vacancy expired!

AE Business Solutions is seeking a driven

Security Engineer for a

Direct Hire position with a client in Madison, WI. The ideal candidate will be joining a growing team in a dynamic environment and will assist with support of existing security controls to ensure stability, uptime and effective control operation.

Local Candidates Candidate must be within a commutable distance to Madison or willing to relocate on own expense.

What you will be doing:

• Lead research and testing of new technologies from a security perspective as required and as driven by the business or regulatory needs.
• Measure and report system security posture through the ongoing development and refinement of security metrics.
• Assist with security assessments of businesses acquired by TDS Telecom.
• Consult with project teams and IT management in the development of requirements for the organization's architectural documents to maintain security while meeting business objectives.
• Implement firewall and VPN policies. Create and assist with the deploying of firewalls and VPNs implementation designs.
• Lead the deployment and operation of security controls including, but not limited to: intrusion detection, content filtering, configuration management and vulnerability management controls.
• Develop, plan and support systems to enable analysis and reporting of security events and network activity as required.
• Monitor systems and devices for compliance with security and regulatory requirements, evaluate activity logs and document actions taken to investigate and resolve any identified issues.
• Perform systems and network forensic investigations as needed.
• Follow established forensic principles for evidence seizure, computer forensic analysis and data recovery. Gather and analyze data in a manner as free from distortion or bias as possible to reconstruct data or what has happened in the past on company systems.
• Coordinate with law enforcement to ensure accurate and timely delivery of data during investigative events.
• Maintain expert knowledge of vendor products, services and security technologies and recommend/implement their use.
• Design and Manage Information Security Standards

What you bring to the table:

• Bachelor degree (or higher) -OR- 4+ years of professional work experience.
• 8+ years of IT-related work experience.
• 6+ years of IT security-related work experience
• Strong preference for candidates with an advanced ISC CISA, CISM, CIPP or CISSP certification plus one of the following certifications: ISC SCCP, CompTIA Security+ or SANS GIAC. Alternatively, strong preference given for candidates holding three security certifications from ISC, SANS or CompTIA.
• Mastery of security principles such as encryption, hashing, PKI and the AAA framework.
• Proficient with at least 2 IT security standards including NERC, NIST, ISO 27001, ISO 27002, RFC 2196 or ISA/IEC-62443.
• Experience with one or more programming languages in the use of simple scripting or application development including: UNIX shell, Perl, Python or Ruby.
• Experience with open source log storage tools such as ELSA, Elastic Stack or Graphite
• Extensive experience with multiple firewall platforms (Cisco ASA, Juniper ScreenOS and SRX, Fortinet and Palo Alto Networks). Experience with Anti-DDoS security devices a plus.
• Experience with remote access solutions including solutions for mobile devices.
• Extensive experience with IPSec and SSL VPN implementations from Cisco, Juniper ScreenOS and SRX, Fortinet or Palo Alto Networks technologies.
• Extensive experience with Internet networking protocols (e.g., DNS, NTP, SMTP, FTP, etc.) and extensive experience doing analysis of raw data captures with Wireshark.
• Proficient with VoIP signaling and media protocols.
• Experience with 2 or more families of server OSes including Windows, Linux or UNIX. Experience with 2 or more desktop OSes including: Windows, Apple macOS or popular Linux distributions.
• Experience in monitoring and administrating host-based intrusion detection systems such as OSSEC, Tripwire or Verisys.
• Extensive experience with network security assessment tools such as masscan, nmap, zmap, Canvas, Core Impact, Metasploit, Lynis, hping, scapy and tcpreplay.
• Experience with open source network security intrusion detection tools (e.g., Snort, Bro, Suricata).

Want to Join us? Apply here or send your resume to

TECHNOLOGY. INNOVATION. PEOPLE

The AE Advantage!
We're not a staffing company: We're an IT Solutions Integration company with an IT Staff Augmentation Division. We've been Madison-based for over 70 years. Not only is Madison the market we serve, but it's our home.

We pay a generous bonus for the referral of an eligible candidate who works forAE Business Solutions for 90 days

AE Business Solutions does not sponsor applicants for employment visas.
AE Business Solutions is an Equal Opportunity Employer. EOE/AA