Typical Job Function:
The Security Operations Engineer is responsible for assisting with designing, engineering and administering a full range of IT security systems. Additional responsibilities include: daily monitoring of information security solutions, auditing of the overall IT security environment, management of alert notifications, and developing resolutions and mitigation plans.
This position requires that you have excellent interpersonal and team working skills. You will work with IT Architects, Infrastructure Engineers, and Operations to design and implement IT security policies and procedures for a variety of systems, including: firewalls, VPNs, intrusion detection/prevention systems, cryptographic systems, biometrics, anti-malware vulnerability management and patch management software, including the ongoing assessment and tracking of adherence to required security guidelines across the enterprise computing environment.
You will work in a high pressure, real time operating environment and need to have strong communication skills, proven project management and organizational skills. The successful candidate will be analytical, highly driven, proactive and used to taking responsibility. Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: SEIM, IDS/IPS, HIDS, malware analysis and protection, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, and vulnerability scanners.
The Security Operations Engineer position operates primarily out of the NASDAQ OMX Shelton office with some international travel. This position reports to the Director of Security Operations. The Security Operations group in the Information Security department is globally responsible for monitoring, detecting, and coordinating the response to threats against NASDAQ OMX systems. The position will require supporting the department after normal business hours.
REQUIRED SKILLS, KNOWLEDGE, AND ABILITIES
- 5+ years relevant experience in a medium to large international enterprise environment, contributing to development and administration of an organization wide IT security architecture
- Bachelor's, Computer Engineering and/or Computer Science and/or Electrical Engineering and/or Information Technology
- Experience in delivering IT security solutions, including management and deployment of systems
- Demonstrated experience with network and IT security components, including: firewalls, intrusion detection systems, anti-malware software, data encryption, VPN's, vulnerability scanners, server operating systems, and other industry-standard techniques and practices
- Knowledge and understanding of current security standards and regulations, such as: ISO 27001, COBIT, NIST, ITIL, PCI, and HIPAA.
- Familiarity with: SIEM/syslog, IDS/IPS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics software, security incident response and Identity Management software
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Information Technology Project Management experience
- Solid analytical, problem-solving, and research skills for information security and privacy issues
- Demonstrated ability to work both collaboratively and independently
- High standards, organizational skills, and attention to detail
- Experience in writing reports, system documentation, and training materials
- Experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
- Certification in operating system, directory services, firewall, VPN, router and/or other technical areas
The NASDAQ OMX is an equal opportunity employer. Applicants and employees are treated without regard to race, color, religion, creed, gender, national origin, age, disability, marital or veteran status, sexual orientation, or any other legally protected status.
- CISSP, CISM, ISSAP, CISA, CEH, CSSLP, CHFI, CCSP, GCIH, GCIA, PMP, ITIL v3certifications
- Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism excellent teamwork skills
- Scripting skills (e.g., PERL, shell scripting)