What are the responsibilities and job description for the Sr Security Engineer position at The Timberline Group?
The Cyber Security Audit Engineer will manage a variety of technical security auditing capabilities, including a holistic auditing approach of applications, databases, servers, networking devices, and software. Responsible for demonstrating skills in assessing IT process and technology risks, identifying and evaluating the design of IT controls, designing, executing and documenting IT audit tests, and making initial determination of reportable issues. Assist with HIPAA / HITECH assessments, and data breach preparedness. Will work in close coordination with team members and other business owner’s partners to carry our customer requirements.
Job Description:
ROLES and RESPONSIBILITIES:
Design, build, implement and monitor a holistic audit program across the enterprise.
Develop understanding of appropriate business aspects, IT risks, IT control requirements, processes and systems under review.
Perform process and technology risk analysis with a cybersecurity mindset and focus, prepare process maps and flowcharts, prepare effective and efficient compliance and substantive technical approach; and execute in depth IT audit review.
Perform assessment of IT process and security controls within information systems environment.
Evaluate test results: accurately identify symptoms, root cause, problems, identify alternative controls and develop recommendations.
Perform audit reviews of technology such as applications, databases, servers, networking devices (i.e., firewalls and routers), and security tools such as IDS/IPS, anti-malware, and authentication systems (e.g., Active Directory).
Performing technology assessments in a wide variety of business environments, including:
Information Technology Operational and Cyber Security Assessments in accordance with industry frameworks, such as COBIT 5, ISO 27001, ISO 27005, and NIST SP 800-30 and Cybersecurity Framework
HIPAA Security Rule and HITECH Act Compliance
Cloud Security Compliance
Assisting clients with the performance of Business Impact Analyses (BIAs) along with the development of business continuity and disaster recovery plans (BCPs and DRPs);
Assisting organizations with all aspects of data breach and information security Incident Response preparation and management
Performing Service Organization Control Examinations in accordance with AICPA requirements (SOC 1 SSAE 16, SOC 2 AT 101, SOC 3 AT 101)
Providing data classification services
Developing information technology and security policies and procedures
Providing trusted advisory services and guidance to clients that will reduce organizational risk and improve their overall cyber security posture
Preparing reports and other deliverables that contain strategy, technical analysis, and findings in connection with our advisory and assessment engagements and communicating those results to client management
Excellent technical and interpersonal skills required.
Experience with Qualys / Nessus Vulnerability scanning tools.
Cloud Experience a plus
EXPERIENCE, QUALIFICATION AND EDUCATION
Minimum of 5 of experience with Enterprise Network, DMZ, and Security infrastructure, including design, implementation, and ongoing management and troubleshooting required.
Minimum of 5 years’ experience in designing, developing, implementing, and managing solutions across cybersecurity domains (Cyber Defense, Threat and Vulnerability Management. Advanced Security Analytics, Data Security, Identity Management, Security Operations and Managed Security Services etc.)
Three years or more of professional experience or job-related experience in Information Security, or Information Technology
Extensive knowledge and skill of IT analysis which includes expertise in analyzing confidentiality, integrity, availability of complex IT systems.
Familiarity with Secure Software Development practices
Hands On experience with various programming languages or scripting languages and tools.
Effective oral and written communication skills.
Strong interpersonal skills and demonstrable leadership ability.
Certifications in one or more of the following: CISSP, CWSP, CCNP, ACE, CCNP Security, Security , or related.
Familiarity with various operating system platforms (Linux, Windows) and databases security best practices for each.
Strong analytical and problem-solving ability.
Ability to work independently.
Salary.com Estimation for Sr Security Engineer in St. Louis, MO
$103,270 to $127,951
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
What is the career path for a Sr Security Engineer?
Sign up to receive alerts about other jobs on the Sr Security Engineer career path by checking the boxes next to the positions that interest you.
Sign up to receive alerts about other jobs with skills like those required for the Sr Security Engineer.
Click the checkbox next to the jobs that you are interested in.
Position Summary We are seeking a hands-on Manager of Warehouse Management Systems (WMS) who also serves as a Senior Process Engineer to lead the strategy,...more
US Citizens or GC Holders only Must be on our W2- no C2C Local candidates only Onsite - 3-4 days per week As a Senior Engineer on the INFOPS Application De...more
This candidate will work on multiple projects, leading solution architecture and design, as well as manage and take part in the development of multiple cli...more
Qualifications 3-6 years related experience in programming or systems analysis with indications of more technical aptitude. 4-year college degree, preferab...more
Join our team as a Senior Cloud & Security Engineer and lead the design, implementation, and protection of our modern cloud infrastructure. In this role, y...more
Job#: 3039337 Job Description: Sr. Security Analyst Location: Scott AFB, Illinois (Onsite) Role Overview We are seeking a Senior Security Analyst with stro...more