Vail Systems is seeking a Senior Information Security Engineer to further extend and protect an already highly secure environment. As a Senior Information Security Engineer, you will perform security assessments of applications and solutions, write reports on your findings, create proposals for improvement and develop new security tools. You will design and deliver solutions for complex technical problems. This role is team oriented as you will collaborate with other highly technical data security, networking, systems administration and software development staff.
The ideal candidate will leverage a strong data security background to monitor, discover, and mitigate vulnerabilities in our network and systems, typically at Open Systems Interconnection (OSI) layers 4 through 7. Additionally, the candidate will be research driven, adaptable, and detail oriented.
What you’ll do:
- Work closely with other departments to assess the security posture of applications we develop and recommend actions for improvement.
- Assess the feasibility and best security practices for technical implementation of cloud and third-party applications.
- Write formal reports on security assessments.
- Design and develop new security tools.
- Act as the primary or backup maintainer of security tools and take ownership of systems hosting.
- Participate in incident response and disaster recovery exercises.
- Learn new technologies and utilize your freshly acquired skills at work.
- Run threat modeling exercises.
- Draft Security Architecture design diagrams.
- Penetration test internally developed applications.
- Conduct vulnerability scans of web applications, systems, and networks.
- Draft security requirements for new applications in the design phase.
- A Bachelor’s degree in Computer Engineering, Computer Science, Information/Cyber Security or a related field.
- 4+ years of experience in an information security role.
- 4+ years of experience working directly with Linux systems.
- Knowledge of the entire OSI model.
- Experience with at least layers 4-7 of the OSI model.
- Experience working on diverse operating systems (Linux and Windows).
- Familiarity with networking equipment.
- Experience writing scripts in Bash or Python.
- Knowledge of diverse security risks and how they impact the business.
- Experience with pentesting tools such as, but not limited to Burp Suite and Metasploit.
- Security or Linux certifications such as, but not limited to CISSP, LFCE, LFCS, RHCSA, RHCE, Red Hat Certified Specialist in Security: Linux.
- Subject matter expertise with cryptography.
- Experience configuring and auditing networking equipment and layers 1-3 of the OSI model.
- Experience with system administration, including log analysis.
- Knowledge of compliance frameworks such as PCI, HIPAA, NIST, etc.
- Experience as a member of an incident response team.