Security Assurance/Security Testing Engineer

NO SPONSORSHIP

Security Assurance Engineer

SALARY: $150K – $165K PLUS 15% BONUS

LOCATION: CHICAGO

Hybrid 3 days onsite and 2 days remote

You will be responsible for security testing, configuration, baseline processes, and performing a variety of assessments including cloud assessments, light penetration testing, network operating, and system assessments testing. Experience with security controls and standards in AWS networking, operating systems, cloud security, and DevOps security testing is required. Detailed experience with operating system control frameworks such as CIS Benchmark or STIG is desired. Certifications are strongly preferred.

Responsibilities:

• Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments.
• Perform guided reviews of security, network, applications, and cloud environments.
• Produce reports and artifacts for various levels of leadership and staff relating to security-related activities.
• Ensure alignment of security controls as part of the Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices.
• Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities, as well as other security duties which may arise.

Qualifications:

• Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing.
• Ability to participate in multiple concurrent testing assignments while maintaining high quality of work.
• Ability to think critically about the relative risk of security observations within the context of the overall environment and controls.

Technical Skills:

• Experience supporting server operating systems, networking, and enterprise applications.
• Experience with AWS Services including automation services (Lambda, JSON, etc).
• Experience with DevOps Pipelines and GitHub Repos.
• Architectural understanding and expertise of cloud and hybrid cloud infrastructure.

Education and/or Experience:

• Three years of experience with Security Engineering activities and testing.
• One to two years of experience with DevOps processes.
• One to two years of experience with AWS architecture and services.
• Prior experience as a systems or network engineer desired.
• Prior experience with vulnerability management and security remediation desired.
• Detailed experience with operating system control frameworks such as CIS Benchmark or STIG desired.

Certificates or Licenses:

• Strongly prefer at least one of the following certifications:
• AWS Certified Solutions Architect
• AWS Certified Security Specialty
• Certification Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• GIAC Cloud Security Essentials (GCLD)
• GIAC Cloud Security Automation (GCSA)
• GIAC Security Essentials (GSEC)
• GIAC Defensible Security Architecture (GDSA)