Senior Cybersecurity Engineer
Location: O’Fallon, IL
Provide clients with cybersecurity services to protect their systems, employees, and customers. Provide/perform security services in client environment to include but not limited to penetration testing, vulnerability scanning, risk assessments, security engineering, social engineering, policy review & development. Document findings, write security reports and discuss solutions with clients. Develop Incident Response plans and simulated exercises to ensure plan efficacy. Requires a well-rounded background in multiple security domains. Requires an expert level of technical skill and extensive experience in multiple security domains. Mentors and trains those juniors in skill level.
Broad range of experience in offensive (penetration testing) techniques and defensive mechanisms (firewall, IDS/IPS, DLP, etc.), security policy development, Incident Response, security product testing, leading Social Engineering campaigns. A comprehensive understanding of the latest threats, and procedures, is essential. An ability to manage multiple projects and follow them to completion. Detail-oriented with strong organizational skills. Exceptional oral and written communication skills.
- Understanding the API ecosystem tools and technologies such as Postman, Swagger.
- Previous penetration testing experience required.
- Cloud Service Provider Platforms: AWS, GCP or Azure.
- Basic understanding of Cybersecurity Governance patterns: Policy -> Standards -> Control Solutions.
- Intermediate understanding of Network Security principals – basic segmentation, firewall rules, best practices, limiting administrative ports, protecting workloads with WAF.
- IAM fundamentals – principal of least privilege, authN, authZ, RBAC.
- Intermediate understanding of Data Security principals – encryption in flight, encryption at rest, DLP fundamentals.
- Networking OSI model, routing, switching, load balancing, client-server, packet analysis.
- Intermediate to Advanced scripting / automation skills.
Four-year degree in C.S., C.I.S., or related field and four years related experience. Without degree, eight or more years related experience.
CISSP Certification Required