Top Skills' Details

• Unix command-line OS system and application administration

• Enterprise storage technologies and file systems

• Interpreting automated security scanning & compliance vulnerability reports

• Understanding of Infrastructure-as-Code principles and securing Infrastructure through orchestration technologies

Description

Must sit in RTP, NC area and be able to go into the office 1 day per week.

Information Security Engineer

What You’ll Do:

Enterprise DevOps-as-a-Service (EDaaS) is looking for a DevOps Security Engineer to join our Security Operations team. This focus includes consultation with client stakeholders, evolution of access management, architecture and adoption of data security capabilities, and general security oversight and advisory activities for EDaaS Service Offerings. You will partner with IT service providers, internal customers, and the organization’s multi-functional teams to plan and execute on our strategies.

This role is ideal for a passionate, hands-on security engineer with Unix-focused systems administration knowledge early in their cybersecurity journey. You’ll support the enterprise in improving legacy application security postures, working with other high impact teams with diverse business goals, and driving change while improving business services and taking security to the next level. This team member will have basic knowledge of enterprise-scale IT infrastructure technologies and can coordinate well with an organization that is sensitive to the needs of existing client requirements while embracing innovative technologies.

Responsibilities include (but not limited to):

• Support EDaaS Security Architecture and Infrastructure Architecture staff to implement security program objectives and requirements execution

• Engage with product owners and application support teams to understand security needs and impacts of security decisions on business processes and to communicate risks

• Participate in cross-service and cross-business unit security projects and to ensure alignment with Future State Architecture

• Implement standards, processes, and guide within EDaaS services enabling streamlined and consistent implementation of security requirements

• Implements an integrated risk management approach that applies operating controls to manage information security risks

• Participate in engagements with security partners across IT to build and consume common resources for security metrics/standards/policies, at a more relevant level of detail and usability than the generic guidance provided by Infosec

• Implements security requirements, vulnerability remediation, and participates in team reviews

• Engages EDaaS teams on lifecycle oversight for security outcomes and enterprise requirements (regular certifications for service and application DAST/SAST/Pentest, etc.)

Who You'll Work With

The EDaaS Security team is a centrally managed team the executes security objectives via Agile Scrum Teams. We provide services for internal developers who design and code products across the globe. We are a first point of contact for security guidance, incident response, and leadership. The team is fast-moving, fun, and dedicated to solving hard problems and “doing the right thing” (not necessarily the easy thing!) while supporting excellence within the company, Operations, and IT. You will be part of a small, energetic team who are very passionate about the work they do and the impact they make on the internal operational capabilities.

Who You Are

You are a dedicated and detail-oriented security engineer who can support security program requirements, projects, and advisory activities across a range of technologies. You have experience with Unix-focused systems administration and security best practices and a desire to scale that knowledge to support Enterprise scale initiatives. You can effectively communicate with others and investigate specific issues or dig into system configurations to develop root cause or potential impact theories. You enjoy taking on new areas of knowledge, being the first person to gain expertise in a new area and are willing to learn.

You have a successful track record of connecting the dots to build long-term, trusting relationships with peers, clients, and business partners. You can effectively influence with your good communication skills; written, verbal and interpersonal which gives you an edge to create an impact and build consensus. All of this, combined with your innate ability to balance functional security with complex requirements and legacy dependencies, makes you a phenomenal fit for this role.

Minimum requirements:

• B.S. in Computer Science, Cybersecurity, or related field OR 5 years of related experience

Knowledge of security concepts related to:

• Unix command-line OS system and application administration

• Enterprise storage technologies and file systems

• Interpreting automated security scanning & compliance vulnerability reports

• Understanding of Infrastructure-as-Code principles and securing Infrastructure through orchestration technologies

• Technical problem resolution and analytical processes

• Communications and collaborative problem-solving with partner teams, exercising influence without direct authority

Familiarity with:

• Command-line scripting (shell, Perl, python, etc.)

• Enterprise identity and access/authentication concepts

• Role-based and fine-grained access management

• Evaluating security posture – includes understanding vulnerability reports

• Industry trends for managing IT enterprise identity, data and network security

• Ability to work with peers, customers, and partners to provide innovative security solutions

• Ability to leverage analytical and problem-solving skills to solve unique problems

• Full dedication to client experience and the highest ethical standards

Ideal candidates will have some knowledge of one or more of the following:

• Integration & extension: Federation concepts, SSO, OAUTH, SAML, data synchronization

• Security compliance and frameworks: SANS Top 20, NIST, ISO27001

• Infrastructure & technology: Cloud-native identity system architecture & infrastructure; Active Directory; LDAP

Skills

vulnerability assessment, nist, qualys, python, ansible

Top Skills Details

vulnerability assessment,nist,qualys

Additional Skills & Qualifications

• Need someone to help with security compliance

• Writing python scripts and pull data

• Looking at access tokens and API calls and looking at the age

• Writing scripts on how bad is the environment and what they need to focus on.

• Come up with a plan to secure and improve the environment.

• Need to understand policies - what does this mean for our applications?

• Needs knowledge of Git and GitHub

• Jenkins and antifactory have some roles there

• Can you write Jenkins and know if there is a more secure way to do it

• Program we are doing is Bash. You need to query the application to know what's there. Need to tap into roles and what roles they have. It's a lot of data collection right now. They need to understand the application enough to identify the API calls.

• Target people who have done development before - expecting aspects of a software developer

• Should understand software supply chain

Pay and Benefits

The pay range for this position is $50.00 - $57.00/hr.

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: • Medical, dental & vision• Critical Illness, Accident, and Hospital• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available• Life Insurance (Voluntary Life & AD&D for the employee and dependents)• Short and long-term disability• Health Spending Account (HSA)• Transportation benefits• Employee Assistance Program• Time Off/Leave (PTO, Vacation or Sick Leave)

Workplace Type

This is a hybrid position in Morrisville,NC.

Application Deadline

This position is anticipated to close on Mar 28, 2025.

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.