Apply on Employer Site

MerchantE · 4 hours ago

Information Security Engineer

Atlanta, GA

Full-time

Onsite

Senior Level

5+ years exp

MerchantE is a growing organization seeking an Information Security Engineer to enhance their security posture. The role involves working with security tools, implementing vulnerability management, and leading incident response efforts while collaborating with internal and external groups.

FinanceFinancial ServicesPayments

Comp. & Benefits

No H1B

Hiring Manager

Benjamin Pummer

Responsibilities

Working with security tools and API integration work including writing scripts and development of automation around detection and remediation activities

Given the growing nature of the organization, you will work closely with other internal and external groups and may also assist in other security activities as necessary in response to assessments and/or audits

Implementing and operating vulnerability management and security log collection and monitoring tools, analyzing data from those tools and providing recommendations for security improvements to existing processes and technology, and participating in and leading incident response efforts

Identification and remediation of OS and network security weaknesses and vulnerabilities

Respond to internal and/or external reports, events, and incidents (e.g. scanning, hacking, phishing)

Qualification

Information SecurityNetwork SecurityVulnerability ManagementPenetration TestingSplunkMalware RemediationSecurity CertificationsSoft Skills

Required

Bachelor's in computer science (or equivalent) degrees

Minimum of 5+ years of documented information security work experience

At least 5+ years of system/network security experience, including threat modeling, threat assessments, risk identification techniques, penetration testing

Detailed knowledge of network and Web related protocols (e.g., TCP/IP, IPSec, HTTP, SSL, routing protocols)

Atalla HSM experience (knowledge of transaction encryption) and Imperva, SecureSphere, WAF, and DB experience

Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, MDM etc

Demonstrated experience with malware remediation

Experience in one or more technical forensic tools

Experience with Splunk from systems deployment and endpoint configuration to log analysis and interpretation

Ability to identify signs of intrusion or infection on a variety of systems

Expertise in administration of enterprise OS's

Ability to move seamlessly between a hacker / attacker mindset and a security engineer / defender mindset

Hands on experience with Nmap, vulnerability scanners, ZAP, Kali, MetaSploit, Wireshark, Kismet, Aircrack-ng

Penetration testing experience

Application and database security experience, including code reviews

Network and security engineering experience, including log and network traffic capture analysis