Senior Cybersecurity Engineer
Location: O’Fallon, IL
Work with our Commercial clients to test, discover, and exploit weaknesses in their networks, applications, people/employees, and physical environment. Perform a wide variety of security services in our client environment’s include pen testing, vulnerability scanning, security engineering, social engineering, policy review & development, planning and simulations, to ensure they are maturing in their cybersecurity model. Requires a well-rounded background in multiple security disciplines as well as facets. Requires an expert level of technical skill as well as verbal and written communication skills to ensure successful client engagements. Mentors and trains others based on their current skill level.
Broad range of experience in offensive (pen testing) techniques and defensive mechanisms (firewall, IDS/IPS, DLP, etc.), security policy development, Incident Response, security product testing, leading Social Engineering campaigns. A comprehensive understanding of the latest threats, procedures, and facilities is essential. Detail-oriented with strong organizational skills. Exceptional oral and written communication skills.
- Understanding the API ecosystem tools and technologies such as Postman, Swagger.
- Previous pen testing experience required.
- Cloud Service Provider Platforms: AWS, GCP or Azure
- Experience with Linux and K8s administration. Ability to install Linux, K8s, and Docker applications.
- Basic understanding of Cybersecurity Governance patterns: Policy -> Standards -> Control Solutions
- Basic Network Security principals – basic segmentation, firewall rules, best practices, limiting administrative ports, protecting workloads with WAF
- IAM fundamentals – principal of least privilege, authN, authZ, RBAC
- Basic Data Security principals – encryption in flight, encryption at rest, DLP fundamentals
- Operating System fundamentals – preferably in the Linux space, but deep Windows skills are workable
- Internetworking fundamentals – OSI model, troubleshooting at each layer, basic network capture analysis, network and application load balancing (L4, L7), client-server operating model.
- Intermediate to Advanced scripting / automation skills.
- DevOps fundamentals – rapid application development and deployment lifecycle . Secure software development lifecycle (SSDLC).
- System monitoring fundamentals – performance troubleshooting and analysis at system level using native OS performance metrics counters and system logs. Ability to correlate logs and events to find root cause of systemic or acute impacting issues.
Four-year degree in C.S., C.I.S., or related field and four years related experience. Without degree, eight or more years related experience.
CISSP Certification Required
Send Resumes to: [email protected]