Job Description
Experience : 8-15 Years
Preferred Qualifications :
- Accountable for design, development, implementation of Security controls for cloud-based solutions.
- Support Security Operations functions and serve as primary contact for information security incident investigation, coordinate incident response and reporting.
- Responsible for internal / external audit and information security assessments by client
- Support Development of policies, standards, processes and procedures guidelines and other related documentation for Security Monitoring.
- Lead security controls implementation to comply with regulations and policies and relevant frameworks / standards such as ISO27001, NIST, ITSG-33.
- Monitor and manage security dashboards in Azure Sentinel / Azure Security Center / Office 365, customize dashboards and reports, produce metrics per client needs.
- Monitor health of Security solutions such as Firewall, Intrusion Prevention Systems, Identity management, Endpoint Security, etc. for cloud based and on-premise systems.
- Work with Business and IT Tier2 / Tier3 Support engineers and / or vendor / partner technology teams to resolve issues.
- The ability and flexibility to work in shifts when necessary, Prepare Shift turnover and Shift Report to ensure continuous smooth
- Support pre-sales activity for new initiatives and potential opportunities.
- Guide junior Security operations teams in incident response and SOC functions.
- Has a minimum of 4 years of experience working in Information Security Engineer or Incident Management / Security Operations roles.
- Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc., in cloud environments.
- Subject matter level expert knowledge of common information security management frameworks, such as NIST / ISO / COBIT
- Good Understanding of networking protocols such as IPVPN, TCP / IP, UDP, IPSec, DNS, NTP, Firewalls, ACLs
- Knowledge of malware operation and indicators, threat landscape (threat actors, APT, cyber-crime, etc.)
- Experience in producing threat & risk assessment reports.
- Experience in the delivery of IT Security awareness and training
- Protocol analysis experience using tools such as Wireshark, Gigastor, Netwitness, etc.
- Experience with SIEM tools and platforms such as : Splunk, Azure Sentinel
- Good understanding of computer forensic techniques and methodologies.
- Strong understanding of ITSG-33 requirements and Government of Canada Security Assessment process
- Experience with security assessments and authorization (SA&A) activities for IT systems.
- Proven interpersonal and collaborative skills, with the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels.
Certifications :
- SANS : GCIH, GCFA
- Certified Ethical Hacker (CEH)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Cloud-specific security certifications in Azure or AWS.
Requirements
Experience (Years) : 8-10
Essential Skills :
Hands-on working experience architecting Guidewire ClaimCenter solutions, including customization and integration.
Guidewire certification is a plus. Other technologies of interest : Guidewire Cloud, Salesforce CRM, legacy modernization, and AWS.
Proven knowledge & architecture experience in architecture (digital / digital marketing / micro / macro / monolithic services, APIs), application integration, service-oriented architecture, event-driven architecture, application architecture, distributed architecture, data architecture and modelling.
Proven experience with modelling languages & techniques. Can quickly comprehend the functions and capabilities of new technologies.
Can understand the long-term ("big picture") and short-term perspectives of situations. Strong technical background (platforms, languages, protocols, frameworks, open source, etc.).
Experience with architecture frameworks (TOGAF) & architecture certifications a plus. Experience in engaging and supporting claims teams and understanding their day-to-day operations in the P&C insurance space.
Open and clear connect with the business, telecom, infrastructure, security, audit, vendors, and software engineering. Driven by challenges and results.
Organized, proactive and a motivator for change. Knowledge of security standard methodologies and an understanding of the impact they can have on a business.
Comfortable working in a constantly evolving technological environment. An excellent teammate who demonstrates leadership.
Comfortable speaking with all levels of the organization and different audiences.