Information Security Engineer (SOC/NOC) - Contract to Hire - Remote (US/PST)

Information Security Engineer (SOC/NOC) - Contract to Hire - Remote (US/PST)

Title: Information Security Engineer (SOC/NOC)

**Location: Remote (US/PST)

Duration: Contract to Hire

Compensation: $40-50/hr.

Work Requirements: US Citizen, GC Holders or Authorized to Work in the US

Qualified candidates may send a copy of their resume (Word Format) to tsanchez@inspyrsolutions.com **

Position Summary: The primary job function of the Information Security Engineer (SOC/NOC) is to identify, investigate, and escalate alerts and events to safeguard sensitive information from unauthorized access or breaches of malicious and potentially damaging intent in a 7x24x365 environment. Manages and configures security monitoring tools. Assess security systems and measures for weaknesses and possible improvements. Create and maintain the enterprise's security architecture design. Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions. Must be ethical, curious, and detail oriented.

Other essential NOC/SOC functions are to assist in supervising the monitoring/maintenance of the company's enterprise Infrastructure. This would include software/applications, hardware, and network efficiency. Will also be responsible for definition of process road maps (KB), change management validations, user/system impacted incident management and resolutions; Administration of all SOC/NOC owned tools including scripting, customizations, report building, alert modifications, automations, and maintenance; Minimize risk and exposure to system security and business interruptions of company's infrastructure; actively participate in disaster recovery and BCP events. Some scripting, coding and/or technical certificates may be needed to achieve certain job functions, so willingness to expand technical attributes will be expected. **

Essential Job Functions**

• Monitor all software/applications and production environment on available tools
• Supervise all Incident/Security issues, including preliminary triage, troubleshooting and remediation.
• Administration of all team owned tools/applications including scripting, customizations, report building, alert modifications, automations, and maintenance
• Work with other IT and business groups.
• Send out communications for both Incident and Security issues. (including leadership and business communications)
• Provide documentation for process changes and format updates
• Minimize risk and exposure to system security and business interruption on company's infrastructure
• Actively participate in disaster recovery and BCP events
• Actively creating enterprise security documentation.
• Some Scripting/coding in Python, Java, Perl, C, BASH, Shell

Knowledge & Experience

• Extensive experience in enterprise security architecture design.
• Extensive experience in enterprise security document creation.
• Experience in designing and delivering employee security awareness training.
• Experience in using Extra Hop, Qradar, Splunk and/or any other security related tools.

Security Certifications (one or more of the following):

• GIAC Security Essentials Certification
• GIAC Security Leadership Certification
• ISACA Certified Information Security Manager
• Microsoft Certified Systems Engineer: Security
• (ISC)2 SCCP
• (ISC)2 CISSP
• (ISC)2 ISSAP

Education : BS degree in Computer Science, Information Technology, or related field; or equivalent combination of education and work experience **

Experience**

• 2-5 years of NOC administration monitoring with computer operating systems, applications, and related technologies
• 2-5 years of Security operations and related technologies

Essential Job Functions

• Security & operational monitoring, maintenance, and performance/integrity of enterprise Infrastructure - 25%
• Administration of all team tools/applications including scripting, customizations, report building, alert modifications, automations, and maintenance - 20%
• Create and maintain the enterprise's security architecture design. - 5%
• User/system impacted incident management and resolutions, including working with multiple IT groups, Incident Managers, open business communications and reporting to IT Senior Leadership- 35%
• Minimize risk and exposure to system security and business interruption on company's infrastructure - 10%
• Mentoring/Training - 5%
• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Demonstrates Company's core values of People, Service Excellence, Trustworthiness, Process Simplicity and Product Value
• Cordially and professionally interact with customers, vendors, superiors, and peers
• Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems and in databases and other data repositories.
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise's existing procurement processes
• Regular attendance on a full-time schedule of at least 8 hours and 40 hours per week

Knowledge and Skills:

• SolarWinds
• PRTG
• Splunk
• App Dynamics
• ServiceNow
• Extra Hop
• Qradar
• TrustWave
• ProofPoint
• CrowdStrike
• Microsoft Security Suite
• Incident Management Communication tools
• CV/CIRT Gov't notification process
• Other monitoring/security tools (e.g. Nagios, SEP, RSA, Exabeam, ScienceLogic, OpsView, BMC Helix, etc.)
• Other Log Monitoring tools
• F5 and load balancers
• Firewall/router/networking equipment
• Enterprise level process and escalations
• Full stack monitoring (specifically geared towards App monitoring)
• Familiarity with Data Center Firelife systems, CRAC/HAVC units, UPS', and Data Center Generators

Personal Attributes

• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Good written, oral, and interpersonal communication skills.
• Ability to conduct research into IT security issues and products as required.
• Ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated and directed.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.