Lead Information Technology Security Engineer

The rate is $75 to $90 per hour.

We are seeking a highly skilled Lead Security Engineer to join our team. The ideal candidate will possess expertise in security engineering, with a focus on system and network security, authentication, security protocols, and incident management. The candidate should also have a comprehensive understanding of Identity Access Management tools, Single Sign-On (SSO) and federation standards like SAML, OIDC, and MFA.

Key Responsibilities:

Design, implement, and oversee security standards and operational processes to secure the AWS platform and resources including EC2, S3, LB, GWS, and other AWS services.

Proficiency in Networks, Active Directory, DNS, DHCP, Windows, and Linux operating systems.

Experience with Security Information and Event Management (SIEM) platforms such as Splunk and ELK.

Collaborate with development teams to onboard applications using OIDC/SAML for single sign-on.

Develop automation to optimize Privileged Access Management (PAM) processes, including built-in account discovery from Linux endpoints and inactive system/account management.

Implement baseline configuration standards and security hardening on core services such as Active Directory, DNS, and DHCP.

Establish and deploy security guardrails to AWS infrastructure as code through Git.

Familiarity with common types of cyber-attacks and countermeasures.

Must-Have Qualifications:

Proficiency in security engineering, encompassing system and network security, authentication, security protocols, and incident management. Lead a small team.

Comprehensive understanding of Identity Access Management tools like OKTA or others and implementing SSO and federation standards such as SAML, OIDC, and MFA.

Experience with Security Information and Event Management (SIEM) platforms (Splunk, ELK).

Competence in both Active Directory, DNS, DHCP, Windows, and Linux operating systems.

Day-to-Day Responsibilities:

Engineer and implement various security projects and administer and monitor various security systems.

Hardening of Active Directory Infrastructure.

Collaborate with development teams to onboard applications OIDC/SAML with identity provider for single sign-on.

Build automation to optimize PAM processes such as built-in account discovery from Linux endpoints, inactive system/account management.

Implement baseline configuration standards and security hardening on core services such as Active Directory, DNS, and DHCP.

Establish and deploy security guardrails to AWS infrastructure as infrastructure as code through Git.

Familiarize with common types of cyber-attacks and countermeasures.