About Specialized Security Services, Inc.
For over two decades, our expert team has successfully assisted organizations with the implementation and oversight of their information security, privacy, and regulatory compliance programs. Our reputation is our own, built upon our steadfast commitment over the years to do the right thing and go above and beyond for our clients. We pride ourselves on our ability to think outside the box, stay nimble and succeed as a team. Additionally, education is important to Specialized Security Services, Inc. We encourage all team members to grow their knowledge base through continuing education, and as such offer reimbursement for industry-related certifications.
Position Summary
Reporting directly to the Vice President, Cybersecurity Services, the Security Engineer I assists clients with their information security programs and project initiatives by performing vulnerability assessments, security assessments, web application assessments, risk assessments, and advising on the implementation of security measures. This may include recommending appropriate risk mitigations against standards in the context of projects and business scenarios to help the business operate securely. This role has a significant component in vulnerability scanning and providing clients with guidance for how to remediate identified vulnerabilities. Successful candidates must excel at providing comprehensive network security recommendations, systems analysis, and full lifecycle project management. This position requires the ability to travel between 20% and 30%.
Responsibilities
- Perform vulnerability scan assessments, web application security assessments, and other security assessments, including but not limited to network discoveries, firewall assessments, data discovery assessments, and email pan assessments for Clients.
- Effectively communicate with Clients onsite and offsite to maintain an ongoing, long-term perspective of being their “Security Partner.”
- Conduct pre-scan meetings to establish expectations, identify the key players in the assessment process, and to provide guidance to the clients as to the scope of work to be performed.
- Perform internal and external scans by IP addresses and FQDNs provided by the Client.
- Generate informative reports based on the results of the network testing. All scan reports will include the AOSC, details, executive summary, workbook, and RAW results according to PCI requirements.
- Identify true vulnerabilities versus false vulnerabilities.
- Assist in the remediation of identified vulnerabilities and weaknesses by providing guidance and support to clients.
- Know each Client’s environment well enough to identify inconsistencies and identify potential vulnerabilities.
- Maintain a professional, courteous, and civil relationship with all external and internal customers.
- Maintain communication with Clients after scans to keep an open line of communication.
- Must be available to work as needed, including off hours.
- Perform other duties/functions as assigned.
Qualifications & Experience
- Strong knowledge of security vulnerabilities, threat landscape, industry best practices, including PCI DSS and other industry requirements and standards.
- Proficiency in vulnerability scanning tools and security assessment methodologies.
- Strong analytical and problem-solving skills.
- Excellent communication, delegation, and teamwork abilities.
Education & Certifications
- A university degree in Computer Science, Engineering, or a field which relates to the role.
- Security certification such as CISSP, CISA, CISM, SANS GIAC, CEH.
- Minimum of three (3) years of Information Security experience in Security Governance, Risk and Compliance practices and methodologies.
- Experience with performing cyber security assessments and familiarity with industry cyber security tools or experience auditing systems.
- Experience with security hardening techniques and policy development, particularly with regard to secure software development methodologies and processes.
- Previous experience in compliance programs including pre-assessment or assessment and gap remediation programs.
Physical Demands and Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Prolonged periods of sitting at a desk and working on a computer.
- Routinely is required to sit, walk, talk, and hear; use hands on keyboard, finger, handle, and feel.
- May occasionally be required to stoop, kneel, crouch, twist, crawl, reach, and stretch.
- Must be able to lift approximately 15 pounds, on occasion.
- Ability to complete client engagements, onsite, if required.
- May require travel dependent on company needs.
- Can work under deadlines.
Note: Visa sponsorship is not available for this role.