Hiring a Senior Cyber Security Engineer in St. Louis, Missouri who will provide security oversight to the computing environment across business lines. You will be responsible for consulting with various technical teams and business units providing guidance and effective security solutions to enable the business, while maintaining compliance and best practices. This candidate must have a passion for security and will participate in round table discussions.
- Proactively work security issues and incidents to identify root cause and recommend fix.
- Consult with developers to provide code review and alternate solutions where appropriate to maintain best practices while reducing the attack surface and minimizing risk.
- Validate IT security solutions collaboratively with infrastructure and application development project teams ensuring that corporate security policy, standards and industry best practices are met.
- Raise awareness and assist in the communication of security policies and regulatory requirements, providing recommendations to maintain compliance.
- Assist with security mitigation and remediation efforts as needed.
- Deploy and configure technology, collaborating with IT Infrastructure teams and vendor product professional service partners.
- Act as system owner for security technologies and, working with the IT Infrastructure team, ensure they remain properly maintained.
- Assist Information Security compliance activities in support of audit and assessment activities, including customer, PCI, and internal audit reviews.
- 7 years of IT professional experience; 5+ years of Information Security experience. Prefer 2+ years as an Information Security Consultant.
- Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security) and OWASP Top 10.
- Must be well versed in operating systems such as Linux and Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, and vulnerability and threat management tools.
- In-depth knowledge of the Cybersecurity Framework, ISO27001 and compliance requirements such as PCI, SOX and HIPAA.
- Hands-on troubleshooting, analysis, and technical expertise to resolve security events; previous experience troubleshooting day-to-day operational processes such as security monitoring, data correlation, researching events, etc.
- Prefer BS in Engineering, Computer Science, Information Security, or Information Systems, or equivalent work experience.
- Security Certifications (CISSP, CISM, CEH, or similar are desired).