CBTS

Compensation

Full Description

Security Engineer III Job Purpose: 100% customer-facing position with the mission of managing technical security controls and effectively managing and communicating vulnerabilities, exploits, and incidents to appropriate operations teams while tracking metrics in order to assist the customer in managing risk. The primary purpose is to provide day-to-day management of the client's security infrastructure or day-to-day monitoring, management, and response to security events. Essential Functions: Security Architecture Roles: 65% Perform security assessments or reviews for CBTS customer's enterprise environment. While working with customer technical and executive staff, review the state of various technical and organizational controls processes, and policies. Perform gap analysis, comparing state to widely accepted best practices from vendors, regulatory and compliance bodies, and the security community at large. Document these gaps, along with sensible and relevant recommendations, in findings reports that satisfy the needs of both a technical and non-technical audience. 15% Perform vulnerability scans and penetration tests of CBTS customer environments and controls. Using expertise in the operation of commercial and open-source assessment tools, identify configuration flaws, missing patches, and gaps in defenses that could be exploited by attackers. Assessment types will include social engineering and phishing, wireless, mobile device, and physical security, and web application penetration tests. 15% Assist CBTS customer staff with security needs. Provide recommendations for security architecture, processes, and technologies. Write technical policy, processes, procedures, standards, and other documentation. Perform security research, furthering individual and team understanding of the threat landscape, as well as cutting-edge security technologies. Attend security conferences and participate in local security community events. Evaluate products and tools that can improve the security services team's offerings, and provide value to customers. 5% - Leadership role in cultivating and maintaining the relationship with CBTS customers, vendors, and partners. Security Operations Roles: 60% - Act as technical SME and work all technical escalations from the security operations team including outages and incidents. Lead technical troubleshooting or incident handling events/calls on behalf of the client's security operations team and with the Network, Compute, and Client Operations Teams, internal and external information providers, and others as appropriate. 15% - Lead all aspects of planning, documentation, and process development of CBTS client's global security operations. Drive development of technical procedures and guidelines for implementation and management of Security services as they relate to the global operations team. 10% - Lead technical project efforts for the client's security operations team. 10% - Leadership role in cultivating and maintaining relationships with customers. 5% - Participate in expansion of new opportunities with existing customers as they expand their global security operations requirements. Experience: 6 to 7 years of experience in Senior level roles as IT Security Architect, IT Security Engineer, IT Security Auditor, Cyber-Security Analyst or Cyber-Intelligence Analyst. Education: Four years of College resulting in a Bachelor's Degree or equivalent. Certifications, Accreditations, Licenses: One or more of the following certifications dependent on the actual role: GIAC/SANS certifications - GCIH, GCIA, GCFE, GCFA, GREM, GSEC ISC2 – CC, SSCP, CCSP, CISSP CompTIA Security+, Akamai Security, Microsoft, Linux technical certifications Key Responsibilities: Configure and manage Akamai security solutions, including Kona Site Defender, Web Application Firewall (WAF), Bot Manager, Client-Side Script Protector, and Account Protector, to mitigate threats, secure payment transactions, and ensure compliance with PCI DSS. Deploy and maintain Akamai Account Protector to defend against fraud-based threat actors. This includes account takeover (ATO) and fraudulent account enrollment protection mechanisms. Configure and operate Akamai Account Protector to provide real-time detection and mitigation of fraudulent login attempts, ensuring secure access to user accounts. Implement and optimize Akamai Content Delivery Network (CDN) for secure, high-performance web traffic delivery. Develop fine-tune rules and policies in Account Protector to adapt to new and emerging threats related to account takeover attempts and credential abuse. Manage Akamai’s SSL/TLS certificates to ensure encrypted and secure data transmission. Maintain the operational integrity of Akamai configurations across the organization, ensuring maximum uptime, performance, and security. Oversee the day-to-day operations of Akamai solutions, including monitoring, troubleshooting, and resolving incidents related to web security and performance. Ensure high availability and scalability of Akamai services, including participation in capacity planning and performance tuning. Conduct regular risk assessments, security reviews, and compliance checks to ensure ongoing adherence to PCI DSS standards. Collaborate with development and security teams to integrate Akamai Account Protector into existing login flows and enhance user security. Collaborate with cross-functional teams (IT, DevOps, Security, Compliance) to implement and monitor secure Akamai configurations aligned with PCI DSS requirements. Develop and implement automation scripts (e.g., in Python, Shell) to streamline operational tasks and ensure timely updates to Akamai configurations, patches, and security policies. Configure real-time monitoring for Akamai services to detect and respond to potential threats or performance issues. Maintain regular reporting on PCI DSS compliance status, Akamai configuration changes, and incident resolutions. Provide expertise in handling security incidents, troubleshooting Akamai-related configuration issues, and remediating vulnerabilities impacting PCI DSS compliance. Develop and maintain comprehensive documentation, including configuration guides, operational procedures, and PCI DSS compliance documentation. Assist with internal and external PCI DSS audits by providing detailed reports on Akamai configurations, security controls, and operational processes. Special Knowledge, Skills, and Abilities: Experience with Akamai Account Protector or similar solutions for securing user accounts from fraud, credential stuffing, and account takeover attempts. Strong understanding of PCI DSS requirements and proven experience implementing and maintaining compliance within large-scale web environments. Strong auditing, assessment, and enterprise security architecture development skills should be a key focus in career history. Experience with technical training and instruction. Experience with public speaking and presentation on technical topics. Enterprise IT security architecture experience in a broad range of disciplines including networking, systems, applications, and cloud computing environments. Experience with enterprise host protection systems, enterprise vulnerability management, network security tools such IPS/IDS, and/or experience with attack tactics, techniques, and procedures used by the APT, Cyber Crime, and other associated threat groups. Excellent verbal and written communications skills. Dependent on position, strong demonstrated skills in multiple enterprise-level OS environments including Microsoft Windows, Linux, and Unix. Strong understanding of network communications (TCP/IP, Ethernet, WAN/LAN technologies) Exceptional research and analysis experience, Risk assessment experience, Auditing experience or CIRT experience. Knowledge of information security threat types, their composition, and IOCs Dynamic Malware Analysis Experience. Knowledge of attacker tactics, techniques, and procedures (TTPs) used by the APT, Cyber Crime and other associated threat groups. Knowledge of computer security incident investigation and response. Experience analyzing common types of attacks, cybercrime, APT, etc... Experience with Splunk or similar Log analysis tools and experience reviewing security events. Experience reviewing, analyzing, and providing reporting on ongoing Intel gathering from various classified, sensitive, as well as open-source intelligence sources. Deep internal knowledge of the MS Windows operating system, file system, registry, processes, and communications as well as collection and analysis techniques. Knowledge of intrusion analysis, network, and host forensics. Scripting experience is a plus (Python, Perl, Ruby, etc.). Working knowledge and experience with standard security solutions and architectures. Experience in Securing Windows, Unix, and Linux environments. Experience in securing J2EE Application (Weblogic, JBOSS) and Web Server (SunOne, Apache) platforms. Experience in securing distributed applications. Experience with encryption technologies. Experience in secure network configurations. Additional working knowledge (understanding) with Crowdstrike, Proofpoint or DTEX a plus. ITSM - Incident / Problem / Change / Request Management experience (ServiceNow preferred) Excellent problem-solving skills and the ability to identify, troubleshoot, and resolve complex configuration or security challenges. Strong interpersonal skills with the ability to work effectively with cross-functional teams, including IT, DevOps, Security, and Compliance. Strong organizational skills and attention to detail. Solid communication skills (leading, influencing experience), verbal and written, including documentation (design and training), and the coaching of other resources. Supervisory Responsibilities: No Supervisory Responsibility Due to U.S. Government requirements applicable to foreign-owned telecommunications providers, non-US citizens may be required to submit to an extensive government agency background check which will necessitate disclosure of sensitive Personally Identifiable Information.