Senior Security Engineer I, TechnologyJob ID 20001418 Mumbai, India Apply now
Our professionals balance analytical skills, deep market insight and independence to deliver solid, defensible analysis and practical advice to our clients. As an organization, we think globally. We create transparency in an opaque world, and we encourage our people to do the same. That means when you take your place on our team, you’ll discover a supportive and collaborative work environment that empowers you to excel. If you’re ready to share your perspective with the world, then you can make a real impact here. This is the Duff & Phelps difference.
Duff & Phelps’ Cyber Security practice helps firms manage cybersecurity risks at every stage of preparedness by identifying vulnerabilities and readiness through a comprehensive gap analysis and risk assessment; implementing best practices to avoid compromise; and recovering from cybersecurity attacks.
At Duff & Phelps, your work will help protect, restore and maximize value for our clients. Join us and together we’ll maximize the value of your career.
Seeking a Senior Security Engineer. The ideal candidate will have engineering expertise as it relates to the deployment and maintenance of network security technologies. This will include Firewall, IPS/IDS, Web filtering solutions, Email Security Gateway, Web Application Firewall and other industry toolsets; preferably in a large organization. The Senior Security Engineer will have experience that will allow them to complete the following responsibilities.
- Proficiency in security technologies like Web Filtering solution, Firewall, IPS/IDS and architects, designs, implements, maintains and operates information system security controls and countermeasures.
- Proficiency in defending attacks utilizing security technologies, including web application firewalls, anti-DDoS technologies, advanced anti-malware solutions and network forensics and visibility solutions.
- Support the implementation and maintenance of new security solutions, participate in the creation and maintenance of policies, standards, baselines, guidelines and procedures (InfoSec).
- Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
- Support the enforcement of security policies across the organization.
- Responds to information system security incidents, including investigation of, countermeasures to, and recovery from Cyber attacks; interacts and coordinates with Security Operations team to help them mitigate issues, security threats identified.
- Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessment of network security tools
- Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs.
- Work with software engineering team to ensure that security policies, standards, best practices and guidelines are adhered to.
- Proficiency in operating systems including Windows 2003 & 2008 R2, Windows 2012, Windows XP and 7, RHES, CentOS and Ubuntu Linux Understanding of basic networking concepts including IP addressing (IPv4 and IPv6), arp, ICMP, TCP, UDP.
- Knowledge of industry standards including ISO 27000 series, NIST 800-53 (ICD 503) and other industry related security standards Knowledge of Federal policies and regulations for Information System Security (eg. NIST 800-53, FISMA, CDM, ICS directives) Information Systems architecture and security control design and development experience
- 5+ years delivering network security infrastructure support and related services with a minimum of 8 years IT experience.
- Expert knowledge of enterprise firewall (Palo Alto, Cisco) technologies required.
- Working knowledge of web application firewalls and web filtering solutions (Zscaler)
- Demonstrated experience in computer security combined with risk analysis, audit, and compliance objectives.
- Experience working with information security practices, networks, software, and hardware.
- Expert knowledge of TCP/IP, common protocols and standards.
- Experience with DLP and IPS/IDS systems.
- Experience with security scanning tools
- Experience with Web Vulnerability.
- Process oriented individual with experience in ITIL concepts.
- Previous project management experience.
- Must have one of the following certifications:
- CASP, Comptia Cloud+, Comptia Network+, Comptia Security+, or Comptia Linux+, CCFP, CCSP, CISSP, CSSLP, or SSCP CCNA, CCNP, CCNA Security, CCNA Industrial, or CCNP Security.
In order to be considered for a position at Duff & Phelps, you must formally apply via careers.duffandphelps.jobs
Duff & Phelps is committed to equal opportunity and diversity, and recruits people based on merit.