Current Openings

Security Engineer

Harrisburg, PENNSYLVANIA | Contract
Post Date: 02/04/21
Job ID: 21-00116
Job Type: Contract

Job Description

Job Title: Security Engineer
Location: Harrisburg, PA
Type: Contract
Duration:4+ months
Interview mode: Either Web Cam or In Person
**This position is remote until Covid 19 restrictions are Lifted**

Job Description:
Product Specialist 6, Core Information Security Consultant
Key Skill Areas: System/Network/Application Security, Vulnerability Management, Incident Response
Key Responsibilities:
  • Technical Consultant o The Contractor will act in the role of Information Security Engineer, supporting security operations. This role reports directly to the Chief Information Security Officer (CISO). o Provide a first line of response for daily cybersecurity activities and inquiries from IT and business personnel.
  • Technical Lead for Third Party Risk Management (TPRM) o Critically review vendor cybersecurity assessment/scan reports and TPRM questionnaires. o Conduct oversight of critical vendors. Identify security issues and track to closure.
  • Technical Lead for Cloud Security o Identify processes and controls to monitor vendor cloud environments to maintain risk transparency. This includes security configurations, vulnerabilities and suspicious activity. o Identify processes and controls to identify and mitigate risk within PSERS' cloud implementations.
  • Technical Lead for Threat and Vulnerability Management.Evaluate cybersecurity advisories, communicate internally and influence vulnerability remediation.Facilitate remediation of cybersecurity issues. Track to closure.Improve processes to reduce Mean-Time-to-Remediate vulnerabilities and Adversary Dwell Time. o Recommend process and controls to mitigate adversary Tactics, Techniques and Procedures (TTPs).
  • Technical Lead for Monitoring and Incident Response o Enhance log/event centralization and monitoring via Security Information and Event Management (SIEM) software..Evaluate existing Security Operations Center (SOC) monitoring services and make recommendations for improvement. o Review SIEM analysis reports and alerts. Investigate suspicious activity. Participate in incident response activities. o Provide after-hours support coverage.
  • Act as an Information Systems Security Officer (ISSO) o Support deployment and administration of PSERS' security devices and software. Coordinate and support cybersecurity assessments by external firms..Communicate security standards requirements within project and change advisory board meetings..Work with employees to document risk register entries..Draft custom role-based security awareness content. o Design and implement enhanced security metrics and reporting..Contribute to strategic planning and annual goals for the cybersecurity program. o Assist with yearly IT audits Position works closely with:
  • PSERS IT Team
  • Information Security Team
  • Vendor Information Security Teams
Required Skills:
  • Excellent organizational, time management and problem-solving skills
  • Ability to communicate security concepts to technical and nontechnical audiences
  • Experience in an information security role
  • Deploying and supporting Microsoft Windows Active Directory and supporting infrastructure (policy, DNS, PKI) in a large Active Directory environment
  • PowerShell, writing scripts for automation, system administration Expert level knowledge - hands on experience: deploying Azure services in IaaS and PaaS cloud services
  • Azure and AWS cloud security experience
  • Hands-on experience with security devices and software
  • Infrastructure security experience, including system hardening
  • Vulnerability Management experience, including executing scans
  • Application security experience