Security Engineer

Procom is a leading provider of professional IT services and staffing to businesses and governments in Canada.

With revenues over $500 million, the Branham Group has recognized Procom as the 3rd largest professional services firm in Canada and is now the largest “Canadian-Owned” IT staffing/consulting company.

Procom’s areas of staffing expertise include:

Security Engineer

On behalf of our client, Procom Services is searching for a Security Engineer for a contract opportunity in New Jersey City, NJ.

Security Engineer Job Details

Appropriate candidates should possess at least 3-7 years’ experience in a Security Operations role as part of a Managed Security Services offering. We are looking for candidates who can provide a well-rounded knowledge and experience base in incident response and security event analytics. An overall flexibility and willingness to work under unpredictable time and project variables is essential.

Key responsibilities:

- Coordinate escalations to internal support teams to ensure timely delivery of incident resolutions

- Provide operational management of various security toolsets including Bluecoat, Q-Radar, Qualys, Rapid 7, and Fire Eye.

- Perform vulnerability scans, remediation oversight, reporting and metrics for managed infrastructure

- Update and maintain policies, schedules and scan parameters for vulnerability scanning tools.

- Maintain schedules, reporting requirements, and oversight for scanning requirements including threat assessments using industry standard vulnerability risk assessment standards.

- Provide awareness and training to personnel and external customers regarding threats, vulnerabilities and overall risk.

- Ensure that Service Level Agreements are met

- Maintain standard operating procedures, processes and guidelines for security operations, threat, vulnerability and malware mitigation.

- Automate security analysis, administration and remediation procedures, workflows and tasks

- Maintain awareness of trends in security regulatory, technology, and operational requirements

- Participate in client audits

Education or

Experience:

- Graduation with a degree from a recognized university with specialization in Computer Sciences or a related discipline, combined with a minimum of (3) years of directly related practical experience and demonstrated ability to carry out the functions of the job.

OR

- Completion of two years of an acceptable post-secondary educational program in Computer Sciences from a recognized community college, or in a related discipline, combined with a minimum of (5) years of directly related practical experience and demonstrated ability to carry out the functions of the job.

OR

- Minimum of (7) years of directly related practical experience within the last eight years, and demonstrated ability to carry out the functions of the job.

Security Engineer Mandatory Skills

- Experience using various vulnerability scanning toolsets including but not limited to Nessus, nCircle, Critical Watch, Qualys, and IP360

- Experience with traditional and advanced malware mitigation toolsets including but not limited to McAfee Virus Scan Enterprise, Symantec Norton Antivirus, Fire Eye, Palo Alto Wildfire, and Trusteer.

- Knowledge and experience with compliance requirements relating to PCI, SOX, etc.

- Experience working in IT Security Operations, using SANS methodology

- Experience and extensive knowledge of Security Information Event Management

- Experience in Intrusion Detection or Prevention Systems

- Knowledge of: TCP/IP, computer networking, routing and switching

- Experience in Linux/UNIX and Windows based devices at the System Administrator level

- Strong troubleshooting, reasoning and problem solving skills

- Organizational skills and the ability to work autonomously with attention to processes

- Ability to speak and communicate effectively with peers, management and clients

- Ability and experience in writing clear and concise technical documentation

- Ability to speak and write fluently

- SIEM experience

- Experience in security penetration testing

- Experience using ticketing systems such as Remedy

- Security certifications: SANS/GIAC (GCIH, GCIA or GCUX), CCNA, CISSP, or CISA certifications would be assets

- Knowledge of application security including web applications, web services, XML, SOA, AJAX, JSON, and web scanning tools

- Knowledge of:
Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions

- Knowledge of NIST, PCI, HIPAA

All your information will be kept confidential according to EEO guidelines.