Information Security Engineer
Boston, MA | Full Time
High Profile Company seeks Information Security Engineer.
This is a direct hire full-time role with a premiere organisation that offers a very strong compensation package 110-120K+ career growth and stability.
You will be responsible for the design, configuration, implementation, maintenance, testing and monitoring of the Information Security Programs (software, standards, controls and policies for infrastructure, network, systems and applications).
In summary you will:
* Design, implement and manage the technical standards of the Information Security infrastructure, network, systems and applications
* Perform hands on technical vulnerability penetration testing of the technology infrastructure, network, systems and applications.
* Produce reports and recommendations detailing vulnerability analysis.
* Analyze network traffic for anomalous activity and investigate.
* Identify and understand potential threats and vulnerabilities and recommend solutions, mitigations and remediation.
* Monitoring and auditing InfoSec controls
* Perform digital forensics as part of incident response
* Experience performing and completing risk assessments
* Participate and lead incident response to critical security events
* Completed Bachelor's Degree with Computer Science or related course of study
* 3+ years of experience working in a hands on infrastructure or application-level vulnerability testing and auditing
* Scripting or programming; vulnerability scanning tools and processes; application security testing tools and processes; current penetration testing technologies and practices
* Experience participating in digital forensics investigations
* Working knowledge of common OS platforms (Windows, Linux, and OSX)
* Understanding of TCP/IP networking, routing protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS)
* Experience with LAN/WAN networking and security infrastructure (Firewalls, IDS/IPS, and VPNs). System hardening and incident response
* Key security standards and regulations (ISO, FFIEC, Cyber framework, SAN’s 20 critical controls, GLBA, SEC, SOX,...
* Some related InfoSec professional certifications such as CISSP, CISA,GIAC, GCIA, GCIH, GPEN, GCFE, GCFA