Duration: 12 months
Location: New York, NY 10004
Linux Endpoint Security solution engineer/architect required to work in the Enterprise Security Platforms (ESP) Engineering Team, providing the highest level of security consultancy and engineering support for Linux security agents. The role will focus on engineering Linux security agents and the tooling used to manage the various solutions. The role is suited to an experienced Linux Engineer with a proven understanding of enterprise security. This role is primarily project based, with numerous activities to expand and enhance the services provided within the environment. The Platform Security Engineering team provides a stable, yet agile and dynamic infrastructure platform to support the business functional requirements whilst managing associated risks. The role in question concentrates on designing and engineering solutions for internal client groups. Security tool development experience, gained as part of a global team developing and deploying security technology solutions, is essential.
The candidate must demonstrate very strong technical qualities - preferably in a global environment, ideally within the finance industry.
- Engineering, analysis and development of Linux endpoint security agents / solutions
- Provide consultancy services to other IT Security teams
- Provide architecture assurance on Linux security initiatives
- Work with global colleagues to provide globally consistent processes and solutions
- Investigate and troubleshoot root causes when escalated from operations
- Escalate and liaise with additional internal/external groups when required
- Active participation within and amongst teams and colleagues, providing constructive feedback when necessary
- Input into Business Continuity Planning and Practice
- Excellent understanding and experience of architecting, engineering and automating RHEL/Solaris Security solutions for a Global environment of 50,000+ Servers
- Antivirus, Encryption, APT Controls, Sandboxing, OS Hardening, RBAC etc.
- Expert Level RHEL/Solaris Operating System knowledge, including kernel debugging, Application Control, Application Containers and OS-Level Virtualization
- Ability to write robust, maintainable scripts in Perl or Python.
- Experience of working with Enterprise Security Products and Frameworks
- Interpersonal Skills - Communication, flexibility, self-driven, team player
- Experience and demonstrable skills with RHEL (7+) SELinux, Puppet, Chef, Docker, LUKS, Solaris Zones
- Effective troubleshooting skills across all components of the plant (HW, OS, network, storage).
- Architect, design, implement, support, and evaluate all security-focused tools and services
- Assist in the development and enforcement of security policies and best practices
- SIEM experience with Splunk is a plus
- Knowledge of Networks and Firewall Infrastructure
- Additional programming languages and skills such as C, Java, SQL, Ruby.
- General networking (Firewalls, Routing, NAT, OSI Model, packet trace and analysis, etc.)
- Python preferred
- Candidate has to understand Linux permissions
- Not a basic administrator
- Someone who understands the SLA involved with keeping things running, experience in large scale environments
- SELinux experience would be a plus
- Understanding of the following:
  - Symantec Endpoint Protection
  - Symantec Endpoint Encryption
  - Symantec Data Center Security: Server Advanced
  - Symantec Advanced Threat Protection
  - Symantec Protection Engine
A solid understanding of the following is also required:
- Memory crash dump analysis
- OSI Model: routing, switching
- Protocols: IP, TCP, UDP
- Network services/applications: DNS, Telnet, and the like
- High-availability/clusters/load balancing technologies
- Package analysis