Cyber Security Compliance Engineer
This is a direct hire opportunity in Downtown Houston with excellent benefits. Our client, an energy company, has an immediate opening for an experienced IT Security Engineer/Administrator. Your primary responsibility will be maintaining and enhancing security standards and maintaining SOX compliance.
Responsibilities may include:
- Management of IT Security Plans which may include Mission Critical and non-Critical environments
- Incident and Risk Management
- Management of POAM and Risks
- Perform security assessments of all changes that have an impact on overall security posture
- Provide recommendations, when required, to ensure overall security posture
- Support security projects and new initiatives
- Create strategies, controls and architecture
- Maintain the organization’s data loss prevention and security information
- Actively audit the infrastructure and applications for security problems while prioritizing fixes
- Build repeatable and testable security infrastructure
- Research emerging trends and technologies to assess the threats they may face
- Provide security expertise on system, network, encryption, authentication, and governance
- Recommends configuration changes to improve the performance, usability, and value of
- Understanding of basic security policies; some knowledge of FISMA and NIST is desirable
- Knowledge of IT systems (hardware, software, networks), applications and the people that use them
- Basic understanding of network and system architectures and detecting security issues during development and integration
- An understanding of the array of threats and vulnerabilities that characterize the modern-day cyber-attack
- An understanding of the roles of incident management and security/compliance auditing.
- An understanding of exploits, common vulnerabilities, common network intrusion methods, and various attack patterns and tactics.
- Background in managing and using different security controls.
- Strong communication skills, both verbal and written.
- Understanding of Risk Management frameworks.
- Relevant certifications might include: Associate of (ISC)2 for CISSP, SANS Global Information Assurance Certification Security Essentials Certification (GSEC), CompTIA Security+
5-7 years of IT Security Experience in a large environment is required
Extensive hands-on experience configuring routers and Firewalls
Experience with SOX Compliance
Experience with Cisco required, Palo Alto is a strong plus
Excellent communication skills are a must