Security engineer - San Jose, CA ( Hybrid)

[Rohit kumar]

Hi Vendors,

 

Role : Security engineer

Location : San Jose, CA ( Hybrid)

Rate : $55-56/hr on C2C

 

JD :

The role will be responsible for designing, implementing and troubleshooting security appliances and security controls to allow integration of acquired companies into our Network. Need to be able cover deploying new perimeter and internal firewalls, building standard controls and implementing approved exceptions to controls to meet business needs.  Working closely with network team to integrate acquisitions site by site.  Assisting infosec team to assess current security posture/controls of those acquisitions and changes required to meet Cadence security standards. The role involves managing, hardware, software, security policy sets, threat protections, EDR, DLP, overall security posture and collaborating with other IT professionals to support integration needs and business continuity.

Key Responsibilities

• Design and Implementation: Deploy new security appliances including all configuration work, logging, make sure all events auditable.  Site-by-site assessment of requirements per site, building bill of material for new firewalls required and placing orders with our purchasing department.
• Configuration and Maintenance: Update and patch firewall operating systems, register new firewalls, integrate to our management console, deploy security rule sets and other security controls and filtering and confirm proper restrictions, logging (for our SOC), and auditability of current and past events.  Understand custom requirements from acquired companies, obtain needed approval and create required policies.
• Assessment, Performance Monitoring and Troubleshooting:  Asses current security posture, Run and review reports from security tools scanning internal and external, manage data scanning and vulnerabilities fixes, troubleshoot security issues, perform data analysis and assess firewall performance.  Work closely with network team on network performance.
• Documentation and Compliance: Create and maintain detailed documentation, diagrams, and configuration logs, and ensure all deployed equipment, configurations and applied policies comply with security standards and best practices.
• Collaboration and Support: Provide technical support to staff, liaise with vendors and service providers, and collaborate with other IT teams (networking, systems, application) on various projects.
• Capacity Planning: Perform capacity management and planning to ensure the security infrastructure can scale with the organization's growth.
• Security Integration Strategy & Road mapping: Develop Day 1-30-60-90+ integration security roadmaps for acquired entities.
• Create plans for phased security uplift, firewall migrations, and endpoint remediation.
• Coordinate with corporate security architects to align the acquisition with long-term enterprise architecture.
• Identify security priorities and ensure a plan to mitigate them
• Automation: Automate recurring tasks like data scanning, analysis and reporting, vulnerability log analysis, etc.

Required Qualifications

• Education:  Bachelor’s degree in computer science, Information Technology, Network Engineering, or a related field.
• Experience: Proven hands-on security / administration experience, 5+ years
• Certifications (Desired):
• Cisco:   CCNA (Network), CCNP (Security)
• Checkpoint: CCSA
• Palo Alto:  PCNSA, PCNSE, PCCET
• General: CompTIA Security+

Technical Skills

• A good understanding of network concepts and administration
• Deep understanding of security appliances, security software tools, discovery and assessment tools, and security threats.
• Hands-on experience with enterprise-grade equipment from vendors like Cisco, Checkpoint and Palo Alto.
• Proficiency with security monitoring and diagnostic tools.
• Knowledge of cloud networking and virtualization technologies.
• Ability to follow precise company standards in design and implementation of security appliances.