Filters

Security Salary in USA

Receive statistics information by mail

Security Salary in USA

76 533 $ Average monthly salary

Average salary in the last 12 months: "Security in USA"

Currency: USD Year: 2020 2019
The bar chart shows the change in the level of average salary of the profession Security in USA.

Distribution of vacancy "Security" by regions USA

Currency: USD
As you can see on the diagramm in USA the most numerous number of vacancies of Security Job are opened in Texas. In the second place is California, In the third is State of New York.

Regions rating USA by salary for the profession "Security"

Currency: USD
According to the statistics of our website profession Security is the highest paid in State of New York. The average salary is 119802 usd. Pennsylvania and Colorado are following.

Similar vacancies rating by salary in USA

Currency: USD
Among similar professions in USA the highest-paid are considered to be Information Security Officer. According to our website the average salary is 350000 usd. In the second place is Information Security Analyst with a salary 84860 usd, and the third - Information Security Manager with a salary 76251 usd.

Найдите подходящую статистику

Information Security Analyst

Смотреть статистику

Information Security Manager

Смотреть статистику

Information Security Officer

Смотреть статистику

Intelligence Analyst

Смотреть статистику

Lifeguard

Смотреть статистику

Network Security Engineer

Смотреть статистику

Safety Coordinator

Смотреть статистику

Safety Leader

Смотреть статистику

Safety Manager

Смотреть статистику

Safety Officer

Смотреть статистику

Safety Specialist

Смотреть статистику

Security Administrator

Смотреть статистику

Security Analyst

Смотреть статистику

Security Architect

Смотреть статистику

Security Assistant

Смотреть статистику

Security Developer

Смотреть статистику

Security Expert

Смотреть статистику

Security Guard

Смотреть статистику

Security Installer

Смотреть статистику

Security Investigator

Смотреть статистику

Security Manager

Смотреть статистику

Security Officer

Смотреть статистику

Security Specialist

Смотреть статистику

Transportation Security Officer

Смотреть статистику

Unarmed Security Guard

Смотреть статистику

Unarmed Security Officer

Смотреть статистику

USAR Unit Administrator

Смотреть статистику
Show more

Recommended vacancies

Security Engineer
Talent Software Services, Inc, Dublin, OH, Franklin County
SECURITY ENGINEER Job Summary Talent Software Services is in search of a Security Engineer for a contract to hire position in Dublin, OH. Primary ResponsibilitiesAccountabilities Seeking a passionate engineer ready to create world-class solutions enabling developers to build secure software from the start. A core principle at client is maintaining product security and protecting customer privacy. As part of the Application Security program, you will lead a shift-left strategy designed to improve the Secure SDLC for thousands of developers globally. The candidate will join the Dynamic Scanning within Application Security, providing client's global development community with dynamic web app scanning services on-premises. This includes supporting self-service web app scanning, false positive reviews, CICD integration support, remediation consulting, app onboarding, authenticated scanning, and executive reporting. Qualifications 3 years of experience in Web App Security, Secure SDLC, DevSecOps Background in web app development, sys admin, andor code auditing strongly preferred Experience in the deployment and management of SASTDAST tools and technologies. Deep understanding of web application security threats, exploits, and prevention Ability to triage, reproduce, recommend remediation, and implement fixes for vulnerabilities Knowledge of development and integration tools and technologies (e.g. CICD) Knowledge of test automation frameworks and how they integrate with SASTDAST. Comfortable writing in at least 2 developmentscripting languages (Java, .NET, Python, etc.). Practical applied knowledge of OWASP Top 10, and can confidently speak to all. Passion for researching vulnerabilities, exploitation techniques, and industry trendsthreats. Bachelor's in Computer Science or equivalent, Masters preferred Experience communicating with VPCIOCTOCISO-level leadership. Ability to work in a self-directed environment that is highly collaborative and cross functional. If this job is a match for your background, we would be honored to receive your application Providing consulting opportunities to TALENTed people since 1987, we offer a host of opportunities including contract, contract to hire and permanent placement. Let's talk
Security Engineer
Apex Systems, Jacksonville, FL, Duval County
Security Engineer REMOTE START Contract to Hire Apex Systems, North America's 2nd leading IT services company, is currently looking for a Security Engineer for a LogisticsTransportation client. The Security Engineer role is a hybrid role focused on both Linux and Cloud security controls. Qualified candidates should apply below Or email their resumes to Megan Reilly at Candidates must be able to work on Apex's W2 without sponsorship. Cannot work Corp to Corp Requirements - Deep understanding of Linux administrationengineer backed by professional working experience - 3 years experience of Automation and Orchestration implementation experience - Proficient in Python scriptingdevelopment - Exposure to CloudDevOps operations Responsibilities - Automating security solutions using tools standard in the cloud DevOps industry. - Requirements gathering and specification, development of architecture diagrams, and integration with additional tools - Designing and validating security standards, policies, and solutions that align with the dynamic and agile nature of cloud environments. - Documenting and communicating the security standards, policies, and solutions to allow for quicker and easier adoption. Additional Certifications - Strong candidates will posses at least one of the following certifications CISSP, SSCP, CEH, GRID, GISCP, GSEC, AWS Certified Solutions Architect, or any of Red Hat certification. EEO Employer Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or
Security Analyst
FosterThomas, Woodlawn, MD, Baltimore County
Security Analyst Location Woodlawn, MD ndash Currently remote FosterThomas, a Mid-Atlantic Staffing and Recruiting Firm, is leading the search for a Security Analyst for our Client located Woodlawn, MD (remote). Our client is an information technology company helping businesses and government agencies modernize and thrive by applying the power of technology. They began making a mark in the federal healthcare space in 2004, where we continue to actively modernize systems to improve healthcarersquos value for millions of Americans. Since then, their work has expanded across various sectors and industries, where they help our customers stay ahead of the new and make the world in which we live, better. Responsibilities The Security Analyst is an individual with assigned responsibility for maintaining the appropriate operational security posture for a federal information system or program. This individual would require hands-on experience evaluating, designing, documenting, implementing, operating, testing, and monitoring security and privacy controls that support the information system security and privacy program. Work with developers to refine security checkpoints in the SDLC and make sure information security risks are managed throughout all the phases of the SDLC. Use automated tools to perform source code security analyses to identify vulnerabilities and attack vectors in web applications. Provide FedRAMP requirements and guidance. Provide Federal Information Security Management Act (FISMA) support and subject matter expertise. Independently develop a variety of CA deliverables including System Security Plans, E-Authentication Risk Analysis, Privacy Impact Assessments, Annual Assessments, Contingency Plans, Incident Response Plans, and FIPS 199 Security Categorizations, etc. Develop and maintain Plans of Action and Milestones corrective actions for audit findings. Recommend system architecture solutions based on industry best practices and knowledge of Federal and organizational security guidelines. Performs periodic internal audits, vulnerability assessments, and Web Application testing. Maintains current knowledge of relevant technology as assigned. Participates in special projects as required. Qualifications Work with developers to support secure coding practices, explain application-related security findings and how to reproduce them, and make sure information security risks are managed throughout all the phases of the SDLC. Use automated tools to perform static source code and dynamic security testing to identify vulnerabilities and attack vectors in web applications. Complete a Security Impact Analysis as part of each sprint within an agile development organization. Support, implement, maintain, and monitor security and privacy controls in compliance with FISMA, HIPAA, FedRAMP, and NIST RMF requirements and guidance. Plan, document, implement, assess, maintain, and monitor security and privacy controls in accordance with requirements, policies, standards, processes, and procedures documented in the CMS BPSSM, ARS 3.1, TRA, and RMH. Independently develop a variety of security authorization package-related deliverables including System Security Plans, Information Security Risk Assessment, Privacy Impact Assessments, Contingency Plans, Incident Response Plans, and other security and privacy plans, processes, and procedures. Support audits, assessments, and penetration test-related documentation requests and vulnerability remediate efforts. Document and maintain a Plan of Action and Milestones (POAM) for weaknesses identified in security tests andor audits. Recommend system architecture solutions based on industry best practices and knowledge of Federal and organizational security guidelines. Performs periodic internal audits, vulnerability assessments, and Web Application security testing. Maintain current knowledge of relevant security and privacy trends and technology. Participate in special projects as required. Preferred Hands-on experience with implementing, documenting, maintaining, and monitoring CMS Acceptable Risk Safeguards control requirements. Experience in implementing and enforcing policies, procedures and guidelines in a complex environment. Experience assisting with the implementation of an automated CICD DevSecOps pipeline Experience driving ATOs including the privacy controls specified in NIST SP 800-53 rev 4 Appendix J. Experience in the development, implementation and operation of IT Security Strategy within a complex environment. Knowledge and experience with security best practices and relevant legislation. Experience with IT Security management, access policy and management, authentication and SSO, authorization, audit, secure communications and network protection, data protection and privacy, and security administration. Understanding of, and ability to communicate, security and risk implications to technical and non-technical audiences. Experience working as part of an agile scrum team, assisting with security-related tasks and deliverables associated with bi-weekly sprints. Technical Experience using vulnerability scanner such as Nessus, OpenVAS, Retina or Nexpose. Experience running static analysis static application security testing tools such as SonarQube, Fortify or Veracode. Experience running dynamic application security testing tools such as WebInspect, AppSpider, Acunetix, AppScan, Qualys, Burp Suite Pro or OWASP ZAP. Experience running component analysis tools such as Sonatype Nexus IQ, Synopsys Black Duck, OWASP Dependency-CheckTrack. Experience with GRC tools, such as CSAM, CFACTS, TAF, or Xacta. Proficient in Microsoft Office (Word, Excel, PowerPoint, etc.) and Visio. Ability to leverage Microsoft Project for project planning. Residency Requirement Must have lived in the United States at least 3 out of the last 5 years. Interpersonal Skills Excellent interpersonal, verbal and written communication, and organizational skills - must be able to communicate fluently in English both verbally and in writing Facts and data oriented. Deadline and closure oriented. Strong persuasion, facilitation and influencing skills. Self-driven. Strong analytical, organizational and project management skills. Demonstrated ability to lead and work with cross functional teams including senior level individuals. Must be able to thrive in a fast-paced, rapidly evolving environment with varying priorities, based on a team building culture.
Security Engineer II
Alorica, US, Virtual, KS
Security Engineer II SUMMARY STATEMENT Ensuring business network, infrastructure and architecture are engineered and designed in a secure manner consistent with business polices and compliance requirements. Will spend time building, tuning, and maintaining corporate security infrastructure. MAJOR DUTIES KEY RESPONSIBILITIES 1. Lead in the implementation and support of security strategies, solutions and projects to ensure corporate security (FireEye, Web Content Filtering, IDSIPS, SIEM, MFA, Cloud Solutions (Azure, O365, AWS) 2. Analyze and make recommendations for improvements to enterprise infrastructure, enterprise security solutions and associated services and configurations 3. Provide expertise on secure configuration of systems and services exposed to Internet sources as well as on all cloud related technology 4. Engineer, implement and monitor security solutions for the protection of network infrastructure, computing systems and data 5. Supports NIST, PCI DSS, HIPAA, HITRUST, GDPR and other compliances and regulations 6. Communicating technical information to stakeholders 7. Mentoring other members of the Information Security Team to continuously improve the company's security posture and ensure the confidentiality, integrity and availability of data within the networking environment 8. Understand new and emerging threats that can affect the Company's information resources 9. Proficient in documenting processes, procedures, for various technologies. 10. Flexible work schedule Qualifications QUALIFICATIONS EDUCATION 1. Bachelor's Degree or equivalent work experience 2. Licenses or certifications CISSP EXPERIENCE Required experience Years 5 - 7 years API integrations preferred skill Command line proficiency required Scriptingprogramming preferred skill Various operating system knowledge (LinuxUnix, Windows, MacOS) Strong troubleshooting skills Knowledge of Windows Active Directory preferred skill Networking proficiency Travel maybe required Equal Opportunity Employer VeteransDisabled
Security Administrator - Remote until 2020
Global Enterprise Tech Resources, Inc, Lanse, MI, Baraga County, Lansing
Security Administrator Lansing, MI Long Term Contract Remote to start Please reach me on ( Security Administrator Job Summary To administer data access and application security across multiple computing platforms to protect corporate data resources from unauthorized access. Responsibilities Establishes user profiles, creates and administers user security passwords and access to multiple applications, operating systems, files, and computing platforms as well as assists and trains system users in the use of security measures. Creates, modifies, and troubleshoots multi-platform accounts. Administers and troubleshoots advanced internetintranet access issues and all FTP, SFTP, CITRIX and other remote access issues. Reviews, evaluates, recommends, and monitors computer security access. Implements, monitors, and maintains all security access procedures as they apply to multi-system company-wide programs. Validates security access annually. Performs monthly security system access audits and reports results to management. Performs monthly web security report compilation and initial analysis. Perform other related assigned duties as necessary to complete the Primary Job Responsibilities as described. Qualifications Position requires the completion of an associate's degree, technical, or vocational school with relevant coursework in data processing or computer operations, a Security Plus certification and two years' related work experience with security systems in a multiple computing platform environment. GSEC or other security related certification is preferred. Will accept any suitable combination of education, training, or experience. Position requires basic knowledge of information security principles and practices intermediate knowledge of Novell Netware, Active Directory, and Windows operating server systems general knowledge of Unix, Tcpip protocols, VPN systems, Oracle, SQL, Citrix, MS Access and PeopleSoft ability to use active listening skills effective verbal and written communication basic knowledge of LDAP and E-directory preferred. Minimum Physical Expectations Physical activity that often requires keyboarding, sitting, phone work, and filing. Physical activity that often requires extensive time working on a computer. Physical activity may require lifting under 25 lbs. Physical activity that sometimes requires travel ndash car, train, andor air. Physical activity that sometimes requires bending, stooping, reaching, climbing, kneeling, andor twisting. Specific vision abilities required include close vision, depth perception, and the ability to adjust and focus. Must hear and speak well enough to conduct business over the telephone or face to face (in English) for long periods of time. Minimum Environmental Expectations This position will require working indoors. Typical workweek is eight (8) hour workdays, five (5) days per week with some weekend work, as well as longer hours as needed. This position deals with some aggressive personalities and could be stressful.
Security Assessor
Federal Reserve Bank, Richmond County, VA, Virginia, Richmond
Security Assessor Location Richmond, VA Charlotte, NC Baltimore MD At the Richmond Fed, wersquore driven by our mission to strengthen the economy and our communities. We take great pride in what we do and it impacts everyday people every day. When you join our team, yoursquoll become part of a culture that welcomes differences, cares about our communities, and empowers each other to lead from where we are to make things better. Bring your passion and wersquoll provide challenging and purposeful careers in a variety of fields, opportunities to grow and a wide range of benefits and perks that support your health and wealth. Itrsquos all part of what makes MyRichmondFed a great place to work About the Opportunity The Federal Reserve Bank of Richmondrsquos Information Security Threat Management team has an immediate opening for a Security Assessor (Engineer- Info Sec) at the Intermediate or Senior level, reporting to the Information Security Manager. As a Security Assessor, you will be responsible for incident response and forensics investigations, technical assessment of risk and cyber threats, the identification, exploitation, and support of remediation of system vulnerabilities, and may provide support for penetration testing. What You Will Do Contribute to incident response, forensic investigations, vulnerability assessments, risk management processes, data analytics, dashboard development, and penetration testing. Use your knowledge current security tools and industry best practices tools, techniques, procedures, tactics, attacks and forensics. Be a security resource for business partners and information technology peers, and provide guidance on information security policies, best practices, and technologies. Audit existing security procedures, devise improvements as appropriate, ensure documentation up to date and meets applicable standards. Administer and maintain routine security processes and procedures and provide remediation of marginally complex vulnerability issues. Qualifications Bachelors Degree in Computer Science, Information Systems, or a related field or equivalent combination of education and work experience. 3 years (Intermediate Level) 5 years (Senior Level) of related experience, inclusive of information security, risk management, or programming. Security Assurance for the Federal Reserve (SAFR) certification, or ability to obtain SAFR certification within one year of hire. Desire to expand and grow technical skill set. Demonstrated written and verbal communication skills ability to articulate technical and security issues and concepts to all audiences. Strong customer service skills. Ability to develop creative solutions and collaborate with different workgroups to prevent, identify, and resolve security problems. Preferred Qualifications Fundamental knowledge of operating systems (Linux, Windows, iOS, Android, Unix variants), network intrusion protection and detection architectures, operating system vulnerabilities, vulnerability assessment, and associated tools Ability to perform source code reviews and highlight security gaps Knowledge of web, serverless, and IaaS PaaS Cloud platforms Knowledge of data analytics and tools such as Splunk or Tableau Experience in programming languages such as Python, JavaScript, C, PowerShell, Bash Scripting, etc. Discover the Reason Why So Many People Love It Here When you join the Richmond Fed, not only will you find a challenging and purposeful career, yoursquoll also have access to a wide range of benefits and perks that support your health and wealth, including Great medical benefits Pension and 401(k) with employer match Paid time off Tuition reimbursement Employee resource networks Paid volunteer leave Flexible work options Onsite amenities that make working here fun Other Requirements and Considerations Candidates should review the Bankrsquos Employee Code of Conduct to ensure compliance with conflict of interest rules and personal investment restrictions. The Code is available on the About Us, Careers webpage at richmondfed.org httpwww.richmondfed.org . Sponsorship is not available for this role. Selected candidate is subject to special background check procedures. The selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Eligibility for this specific position requires U.S. Citizenship. Security Assessor- Intermediate (Engineer - Info Sec - Int) Hiring Range 71,200 - 89,000 Security Assessor- Senior (Engineer - Info Sec - Sr) Hiring Range 90,200 - 112,800 Salary offered will be based on the job responsibilities and the individualrsquos knowledge, skills, and experience as defined in the job qualificationsexperience. Applications are reviewed on a rolling basis. Interested candidates are strongly encouraged to apply by October 13, 2020. The Federal Reserve Bank of Richmond provides equal opportunity to all individuals without regard to race, sex, color, religion, gender identity or expression, sexual orientation, national origin, age, disability, or genetic information.
Security Analyst
iSpace, Inc, Marysville, OH, Union County
Security Analyst II Location Marysville OH Duration 6 Months Contract Job Description Daily Tasks Performed Identify, collect, and perform analysis of raw, primary and secondary cybersecurity data derived from various sources Investigate, document, and report on information cybersecurity issues and emerging trends Provide actionable strategic, technical, and tactical cyber information and intelligence to management stakeholders through weekly, monthly, and ad hoc reports, briefings, and presentations Assist in providing threat and vulnerability analysis as well as security advisory services Other duties as assigned AcademicExperienceCompetency Bachelor's degree in information systems or equivalent work experience. Desirable Security Certification In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls. Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans. Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST) frameworks. Knowledge of the fundamentals of project management, and experience with creating and managing project plans, including budgeting and resource allocation. In-depth knowledge of risk assessment methods and technologies. Proficiency in performing risk, business impact, control and vulnerability assessments. Strong understanding of business applications, including ERP and financial systems. Excellent technical knowledge of mainstream operating systems for example, Microsoft Windows and Oracle Solaris and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools. Experience in developing, documenting and maintaining security policies, processes, procedures and standards. Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts. Audit, compliance or governance experience is preferred. Business Experience 3 to 5 years of combined IT and security work experience with a broad range of exposure to systems analysis, applications development, database design and administration one to two years of experience with information security Prior roles in a security operations center w experience as a subject matter expert with security products Experience as an Incident CoordinatorManager The ability to understand and execute Threat Hunting activities In-depth working experience with Vulnerability Management andor Threat Intelligence roles Prior experience in roles like, Help Desk Tech, System Admin, Network Admin, or Server Admin
Security Engineer - Only Locals
Jnit Technologies, Minneapolis, MN, Hennepin County
Security Engineer - Incident Response - Only Locals Locations US-MN-Minneapolis, USA The Manager, Security position will provide operational leadership and direction to a team of technical professionals dedicated to the development and delivery of information security standards, best practices and technical solutions. Lead activities to provide the appropriate access, protection, confidentiality, integrity and availability of enterprise systems and data through effective security controls. Oversee and participate in the planning and implementation of security administration for technology projects. Serve as point-person and subject matter expert for issues and projects related to area of responsibility. Responsible for ensuring enterprise perimeter and host-based defense (including intrusion detection, intrusion prevention, firewall management, anti-malware and identity management) services for the organization including event monitoring and analysis, tracking systems security alerts and incident handling and investigation. ResponsibilitiesJob Description Work with the business and across technology to identify current andor potential security risks and develop, implement, drive and optimize security solutions, methodologies, policies andor practices. Conduct risk analysis and contribute to the prioritization of information security initiatives based on risk and business need. Weigh business needs against security concerns make recommendations and clearly articulate options (including benefits and risks) to business partners, decision makers and key stakeholders. Conduct regular, comprehensive application and system security health checks and identify and recommend opportunities for improvement from an information security standpoint. Lead solution design and delivery to address risksvulnerabilities, meet requirementsneeds of the business and ensure compliance with federal and state regulatory mandates and requirements. Effectively oversee multiple projectsinitiatives simultaneously. Provide oversight and leadership to an information security team (may include employees, contract personnel andor vendor partners and their resources). Effectively manage team work load and ensure knowledge sharing and cross-training of team members to effectively support the business and execute on teamfunction deliverables. Develop and maintain a high-performing team through effective hiring, coaching and performance management. Develop, maintain and champion information security requirements, policies, and procedures across the business and technology. Design and implement mechanisms for education and governance, ensuring organizational and technical compliance with policies and requirements. Implement and manage monitoring tools, processes and procedures to effectively identify security concerns, risks and incidents. Provide end-to-end management of security incidents to ensure prompt and effective remediation. Create and drive action plans to address recurring or ongoing information security incidents. Ensure escalation and effective hand-off of issues to other technology groups as required Experience 5-7 years of experience in roles with increasing responsibility in the technical fields of information security 3 years of demonstrated success and expertise in information security methodology, concepts, and analysismonitoring. 2 years of (direct or indirect) leadership experience, including demonstrated success leading teams to delivery of technical solutions. Broad technical experience including systems analysis, application development, networking, and database design and administration. . Proven experience with fire wall theory and configuration, domain structures, user authentication and digital signatures. LicenseCertificationRegistration CISSP, CISA, CISM or CRISC or equivalent security certification Regards, M Ramanjan Reddy
Security Engr (Fortify Source Code analyzer) //Location: Owings Mills MD
Oriontek Inc, Owings Mills, MD, Baltimore County
Security Engr (Fortify Source Code analyzer) Location Owings Mills MD Need strong experience with Fortify Source Code analyzer. Someone who can do static security testing. Configure analyzer for scanning and then analyzing results, providing root cause analysis SAST tester Security Assessment Engineer, you will Configure projects for scanning with Static Application Security Testing tools. Analyze scan results and suppress false positives. Create and maintain custom rulesets regarding the suppression of false positives. Provide root cause analysis for failed scans. Assist developers with remediation guidance for security findings. Verify remediation of security findings utilizing commit histories and re-scans. Role summary and job responsibilities Develop and execute an appropriate security testing strategy for each engagement, including performing software security testing against applications, platforms, and systems. Analyze testing results that are generated from SAST tooling and identify and suppress false positives. Create and maintain custom rulesets within the tooling to account for false positives, trending threats, and areas of focus. Identifies and determines root cause analysis for failed scans. Works with proper teams toward resolution. Works with development and engineering teams to convey findings and risk, assisting with remediation strategies and risk assessment. Verifies remediation of security findings using commit histories and rescans of code. Contributes to the development of standard methodologies and SSDLC activities through reporting and publishing of findings to facilitate new design approaches to deter these defects from reoccurring. Ability to break down complex or vague problems and steps through them in a rational way. Shows flexibility in thinking and ability to evolve a solution when additional information or ideas are presented. Decisions and recommendations distinguish between near term mitigation and required future investments. Actively helps team membersmake suggestions to improve practices. Other duties as assigned You make decisions that show a focus on current and future business priorities, together with fiscal responsibility. Applies understanding of the current threat landscape, in general and specific to both the Financial Services field and the firm and uses that operational awareness and threat intelligence data to drive decision-making. Understands actual business requirements and ensures those drive assessment and guidance. Requirements Typically, 4 years of relevant experience. Must be familiar with OWASP top 10. Expertise in Fortify Source Code Analyzer (SCA) Stays current with many best-of-breed technologies. Performs as an authority in one or more components of the SSDLC. Leads significant pieces of static security testing. Knows and can implement modern software testing techniques. Experience with multiple software systems design tools and languages Skilled in automating manual tasks and enabling customer self-service.
Security Engineer - Elastic Search
Computer Enterprises, Inc., Philadelphia County, PA, Pennsylvania, Philadelphi ...
Security Engineer Location Philadelphia, PA 19103 Key Responsibilities Conduct security log management and monitoring in Elastic Search Maintain information security metrics and dashboards Monitor and Operate Infrastructure in AWS and VMware. Build out test environments, including installation of systems and products both on cloud and on-premises. Create SQL based queries to extract data requested for security searches. Skills Familiarity with open source endpoint security technologies such as osquery or any other opensource endpoint tool. Experience with Linux command line and server administration. Experience with API integrations and interactions to automate job functions. Experience with log analyticsaggregation ELK stack and its operations. Basic knowledge of AWS services and its functions. EC2, VPC and EKS is preferred. Good understanding of ELK stack, creating grok filters, Kibana queries and Dashboards. Experience writing SQL, SPL or KQL. LinuxUnix platform development on an enterprise scale. Server administration and platform maintenance. Good working knowledge of computer networks and common protocols (TCPIP, UDP, DNS, FTP, SSH, SSLTLS, HTTP) Basic Knowledge of regulatory compliance configuration and reporting. PCI and CIS preferred. Basic knowledge of Git, Build Platforms and Containers