Senior Information Security Engineer
Maintain a secure environment in the client’s infrastructure, including endpoint security, network perimeter security, web application security, and cloud application security. Implement, manage, and upgrade all security tools in line with industry best practices and vendor recommendations. Configure settings for Data Loss Prevention (DLP), Web reputation, Application blocking, and Vulnerability scans. Perform infrastructure security health checks and maintenance, and generate reports and technical recommendations.
Analyze Network Security Alarms: Determine the severity and impact by checking the signature and the action taken; Inform the network admin what steps to take to quarantine/isolate and remediate the machine; Follow up with the network admin and the user to make sure the machine has safeguards in place; and Follow the escalation procedure in case of a cyberattack to protect the network and all the assets.
Manage SIEM (Security Information and Event Management) device configurations: Keep the event correlation rules updated; Tune the alarms, including managing exclusion lists, SNMP Log Collectors, and Event Security Manager (ESM); and Code the event log parsers for better and more precise interpretation.
Manage Security Infrastructure including Advanced Threat Detection (ATD), Threat Intelligence Engine (TIE), and McAfee ePolicy Orchestrator: Keep the latest signatures and MD5 hashes up to date; Monitor the Global Threat Intelligence (GTI) feed and keep ATD updated against new threats; Make sure the endpoint protection (AV) policies are updated and synchronized; and Monitor company-provided machines and personal devices (BYOD) to make sure the devices are protected and that they don’t introduce risks to the network.
Upgrade the security software and apply software patches.
Applicant must possess a Bachelor’s degree, or foreign equivalent, in Information Technology, Computer Science, or a related field and 4 years of work experience as an Information Security Engineer. Additionally, the applicant must have professional experience with:
1.) Monitoring and managing enterprise networks;
2.) Managing Anti-Virus solutions and AV management consoles like McAfee ePO;
3.) Monitoring and managing Web Gateway and SIEM, and using Cybersecurity Threat Intelligence feeds;
4.) Performing cybersecurity threat research diligently under pressure to find the root cause of a threat, pinpoint the exact remediation steps, and provide guidance to the network management team; and
5.) Researching global cybersecurity threats and trends to proactively protect the network and address vulnerabilities.
To apply: Email resume to email@example.com
Job Location: Schaumburg, IL