Job Title: Security Engineer/ Architect (50% Remote)
Location: Greenwood Village, CO
Duration: 12+ Months Contract (Very High possibility of Extension/ Conversion)
KP’s Cyber Security team is looking to expand, mature, and execute the Enterprise Technology Security Hardening Service. The goal of the Security Hardening Service is to develop security-hardening standards for platforms, applications, networks and protocols. These hardening standards serve as the gold image requiring compliance for all implementation of a particular technology or a protocol. The hardening standards take into account the entire lifecycle of a technology or a protocol, and include hardening requirements and/or security recommendations for each phase in the lifecycle from a people, process and technology perspective. These baselines are produced and maintained for applications, networks, and platforms to ensure consistent implementation of technical security controls across KP’s technology landscape. This position is focused towards providing expert level security guidance for producing and maintaining security certifications for KP’s IT landscape based on identification and analysis of security control gaps, industry security best practices, regulatory guidance, and KP’s IS Policies. The position will also involve building a security strategy for the service to ensure the service is extensible to accommodate the changing IT landscape for near term future (e.g. cloud, mobile, big data etc.).
Top 3-5 Daily Responsibilities:
- Perform Security Hardening Service Design including process, methodology, and any tools that would be required to ensure hardening standards are developed using a repeatable methodology.
- Formally document the artifacts for various phases of security architecture engagements, and obtain sign-off from all stakeholders.
Top 3-5 Required Skills:
- BS in IT-related or engineering degree and 4 years of experience in IT industry, OR Associates/ equivalent collegiate certificate in an IT-related or engineering degree program and six years of experience in IT industry.
- At least two years of experience in general endpoint configuration management and/or computer engineering, with one year of specialized experience in the following platform OS’s: (requirements can be broken up among different people)
- Windows Professional
- Windows Server
- Linux (RedHat & Suse)
- Unix (Solaris)
- At least one year specialized experience in interpreting and applying a system of cyber security controls to endpoints, such as NIST 800-53, Defense Information Systems Agency Security Technical Implementation Guides (DISA STIGs), or Center for Internet Security (CIS) Security Benchmarks.
- Demonstrated understanding of cloud computing and mobile computing concepts and how to apply them.
- At least one year’s specialized experience in configuring security settings and setting Enterprise security policy for the following operating systems: (requirements can be broken up among different people)
- RedHat Enterprise Linux 7.1, 6.x and 5.x
- Suse Linux 11 and 12
- Solaris 10 and 11
- IBM AIX 5.x, 6.x and 7.x
- MacOS 10.x
- Experience in working in one of the following cloud architecture environments:
- Experience in working with and managing mobile devices in an Enterprise environment.
- Advanced GIAC certification and/or CISSP
- Very strong communication skills
If you are qualified, available, interested and planning to make a change, or know of a friend who might have the required qualifications and interest, you can contact me on desk: 415-915-1164 even if we have spoken recently about a different position. If you do respond via e-mail please include the Best time to call and phone number so I can reach you.
Anuj S. Verma
Executive – Resourcing
Pyramid Consulting, Inc.