The Systems Security Engineer is responsible for the implementation, maintenance, and integration of the corporate WAN, LAN and server architectures with a focus on security. The main focus of this role is to manage and administer systems that involve OSI layers .
The SSE is focused on protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data. This includes implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of external security audits and recommendations.
Engineering, implementing and monitoring security measures for the protection of computer systems, networks and information both on premise and cloud based.
Identifying and defining system security requirements.
Designing computer security architecture and developing detailed cyber security designs.
Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
Monitor and utilize security toolsets for the identification of suspicious and malicious activities and inadequate security practices across the Company’s network which may compromise the integrity and availability of systems.
Assists with all functions relating to the planning, architecture, design, installation configuration and operation of technology infrastructure both on-premise and in cloud environments.
Assess requirements and present System Engineering based recommendations that are in line with the strategic vision for the enterprise and wider best practices.
Configure, install and manage various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS).
Perform network maintenance and system upgrades including service packs, patches, hot fixes and security configurations to network devices and services.
Ensure availability of network infrastructure as per established SLA’s.
Maintain security, backup, and redundancy strategies.
Maintain and administer perimeter security systems such as firewalls and intrusion detection systems.
Create alerts that notify appropriate personnel on threats.
Manage the development and implementation of security policies, standards, guidelines and procedures to ensure ongoing maintenance of security.
Enable controlled access to corporate security zones as required.
Perform analysis of network security needs.
Oversee, deploy and review Data Loss Prevention tools and end point security components
Assist in technical security assessments, code reviews and vulnerability tests to highlight risks and help the company to improve security.
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Ensure that the company knows as much as possible, as quickly as possible about security incidents.
Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancements.
Create processes for authentication, authorization and encryption algorithms.
Configure and troubleshoot security infrastructure devices.
Conduct research to identify new attack vectors against company’s product and services and corporate assets.
University degree in Computer Science or a related subject.
Minimum of 4 years of hands-on network engineering experience eg. Cisco Catalyst, Cisco Router, Cisco Nexus).
Minimum of 4 years of experience installing, configuring and troubleshooting Windows and UNIX/Linux based environments.
Experience with Active Directory and ADFS in the cloud.
Experience with Multi-Factor Authentication processes and services.
Experience with Office 365 in the cloud; administrative portals and user management.
Understanding of Cloud Security strategies.
Hands on experience in security systems, including firewalls, intrusion detection/prevention systems, anti-virus software, advanced threat protection, authentication systems, log management, content filtering, etc
(eg. IPS, Policies, NAT, SonicWALL experience highly valued).
Experience with network security and networking technologies and with system, security, and network monitoring tools.
Thorough understanding of the latest security principles, techniques, and protocols (eg. VPN, IPSEC, BGP, OSPF, L2-Switching, VLAN, STP, QoS).
Solid understanding of the OSI and TCP/IP mode.
Hands-on experience with monitoring, network diagnostic and network analytics tools.
Experience and expertise with ethical hacking, firewall and intrusion detection/protection technologies.
Experience with AWS or Azure and InTune Enterprise Mobility Suite
CCNP or higher (CCIE and/or CISSP highly valued)
Experience with virtualization (eg. VMware, Hyper-V)
Experience with monitoring systems, protocols (Netflow) and tools (eg. PRTG, Orion, Scrutinizer, Wireshark)
Scripting skills (eg, Powershell scripts, Perl, Python)