Top Security Engineer Skills

Below we've compiled a list of the most important skills for a Security Engineer. We ranked the top skills based on the percentage of Security Engineer resumes they appeared on. For example, 8.9% of Security Engineer resumes contained Firewall as a skill. Let's find out what skills a Security Engineer actually needs in order to be successful in the workplace.

The six most common skills found on Security Engineer resumes in 2020. Read below to see the full list.

1. Firewall

high Demand
Here's how Firewall is used in Security Engineer jobs:
  • Processed routine firewall requests; ensure requests comply with overall security policy and implement changes during appropriate change management windows.
  • Configured firewall rules to secure communication between different environments and protect sensitive information.
  • Prepared detailed procedural documentation for firewall upgrades, implementation and testing plans.
  • Monitored firewall logs for assessing security events and activity using log rhythm.
  • Configured firewall rules based on customer requirements all while ensuring data integrity.
  • Provide remote switch/router/firewall and general network engineering support for field technicians.
  • Trained and mentored incoming engineers in security and firewall management procedures.
  • Manage firewall, network monitoring and server monitoring off-site.
  • Create and disseminate weekly firewall reports to Management Personnel.
  • Authored standard process and procedures for firewall management.
  • Maintained database of firewall configurations and customer connections.
  • Configured firewall using IP tables for system/host security.
  • Provided training on firewall installation and configuration.
  • Performed firewall provisioning on existing customer firewalls.
  • Configure Access-list on company and customer Firewalls.
  • Configured firewalls and other network devices.
  • Evaluated firewall requests for security vulnerabilities.
  • Provided training in all aspects of the networks including logging on and configuring the firewalls, switches, servers and applications.
  • Performed various types of audits: User ID access/activity, web activity, firewall logs, system access and security assessments.
  • Resolved various network issues using practices including packet captures and packet tracers on the active firewalls, servers and local machines.

Show More

2. Vulnerability Assessments

high Demand
Here's how Vulnerability Assessments is used in Security Engineer jobs:
  • Performed vulnerability assessments based on the process and standards within DoD Information Technology Security Certification and Accreditation Process (DITSCAP).
  • Performed network Vulnerability Assessments using tools to evaluate attack vectors, develop remediation plans, Identify System Vulnerabilities and Security Procedures.
  • Subject matter expert who conducts physical security engineer vulnerability assessments for installations world-wide against Department of Defense Anti-terrorism/Force Protection benchmarks.
  • Perform electronic vulnerability assessments at the business unit level and review the assessment of vulnerabilities performed by third-party vendors.
  • Conducted operating system, network and application vulnerability assessments to identify security exposures in the environment.
  • Assisted in vulnerability assessments of networked Air Force systems during operational test and evaluation phase.
  • Conducted numerous internal and external vulnerability assessments including assessments related to PCI DSS Requirement 11.2.
  • Performed vulnerability assessments that identified and quantified vulnerabilities in the agency's environment.
  • Performed risk/vulnerability assessments for exceptions to corporate security policies, procedures & processes.
  • Identify vulnerabilities by conducting network vulnerability assessments utilizing QUALYS network vulnerability management scanner.
  • Experience performing system vulnerability assessments, penetration testing and host-based security auditing.
  • Performed security audits and vulnerability assessments for customer facing service delivery networks.
  • Analyze target networks, vulnerability assessments and composition of target networks.
  • Analyzed output from network vulnerability assessments and recommend mitigation strategies.
  • Assist with core network vulnerability assessments and security configuration audits.
  • Performed and analyzed Penetration Tests and network vulnerability assessments.
  • Perform periodic vulnerability assessments of the network.
  • Prepared, reviewed, and coordinated the SEA report, site briefing, and vulnerability assessments reports.
  • Conduct host/network vulnerability assessments (penetration testing) as part of the Air Force 92nd Aggressors Squadron.
  • Perform Information Assurance (IA) vulnerability assessments on both classified and unclassified voice and data networks.

Show More

3. Web Application

high Demand
Here's how Web Application is used in Security Engineer jobs:
  • Provide service implementation guidance to enhance security posture by reducing threat vector and consultation regarding network and web application posture.
  • Conduct regular dynamic security scans for company project teams for web applications.
  • Monitored alerts generated by web application firewall on a daily schedule.
  • Fine-tuned the applications in web application firewall to reduce false positives.
  • Performed security assessments for multiple web applications and web services.
  • Deployed web application firewall to detect web application based intrusions.
  • Defined Web Application Firewall service solutions to protect web-facing applications.
  • Configured and managed Sun Directory Server for web applications.
  • Deployed numerous critical applications in Web Application Firewall.
  • Introduced OWASP web application standards to corporate developers.
  • Performed penetration tests against web applications and services.
  • Lead Engineer performing Web Application/Web Services Penetration Testing.
  • Monitored web applications using Topaz monitoring tool.
  • Perform thorough penetration testing on web applications.
  • Web application penetration testing and consulting.
  • Led the effort to upgrade our Web Application Firewall solution from an outdated version to the latest offering by the vendor.
  • Provided instructions and troubleshoot users' access with firewall client and RSA SecurID authentication in accessing web application resources.
  • Secured web application development and performed source code review, hardened Linux servers, implemented SSL and PKI.
  • Presented Web Application Firewall brown bag session to various high level management and application's account managers.
  • Coordinated 3 week security assessment of next generation core business web application during development phase of SDLC.

Show More

4. Infrastructure

high Demand
Here's how Infrastructure is used in Security Engineer jobs:
  • Provide network LAN/WAN design, implementation, consulting and leadership for data and converged communications infrastructure based largely on Cisco equipment.
  • Worked with a contract team to analyze and support agency Critical Infrastructure Protection program, including detailed vulnerability policy analysis.
  • Utilize Tenable Security Center for vulnerability/penetration testing coupled with Dell SecureWorks for incident management to better secure the network infrastructure.
  • Use security management monitoring tools to identify and ensure resolution to all infrastructure problems, security breaches and threats.
  • Identified security requirements for applications, services and supporting infrastructure and effectively communicated the requirements to application development teams.
  • Provided configuration management support per the network infrastructure, LAN/WAN operating systems, and computer data exchange requirements.
  • Configured Horizon Clinical Infrastructure (HCI) base tables to display pertinent patient information and department specific information.
  • Developed all documentation relating to design & implementation of network infrastructure in both technical & user-friendly formats.
  • Worked on a team dedicated to Bank of America supporting all operations for security infrastructure.
  • Create documentation for incident change requests to improve security and stability of the whole security infrastructure
  • Researched and analyzed security bulletins to determine applicability within Army Medical Department's IT infrastructure.
  • Participated in and contributed to the Patch and Vulnerability and Infrastructure Risk Remediation groups.
  • Performed network traces and query/mine logging infrastructure to troubleshoot performance issues, security incidents.
  • Worked on installation, configuration, and administration and troubleshooting of LAN/WAN infrastructure.
  • Designed and implemented pilot program and production security projects for Oracle's infrastructure.
  • Perform monthly security scans and analysis on internal and external infrastructure and reporting.
  • Perform application testing within the infrastructure to ensure consistent security requirements are met.
  • Conduct penetration tests on critical infrastructure to support the organizations risk management program.
  • Supported team developing infrastructure, cost and schedule estimates for data operations center.
  • Provided technical support and analysis of critical infrastructure for security programs and policies.

Show More

5. Windows XP

high Demand
Here's how Windows XP is used in Security Engineer jobs:
  • Install and configuration & maintained Windows XP - Vista Business Microsoft Windows server 2003, 2008 and 2012server, Exchange Server.
  • Created directory structures and set security permissions to LAN user accounts using Windows XP and Active Directory.
  • Patched and maintained repositories for Linux, Windows XP, 2000, 2003.
  • Supported Windows XP and 7 clients having trouble with network connectivity.
  • Migrated user accounts from Windows NT to Windows XP.
  • Developed and executed enterprise workstation imaging and deployment methodology for Windows XP, Vista and Windows 7 for over 9,500 systems.

Show More

Job type you want
Full Time
Part Time
Internship
Temporary

6. Security Policies

high Demand
Here's how Security Policies is used in Security Engineer jobs:
  • Identify and recommend areas where existing security policies and procedures require change/update or where security risks require new policies or procedures.
  • Ensured the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies.
  • Verified that data is being collected by running queries, performing vulnerability scans and validating security policies.
  • Lead a group of Security Engineers in maintaining, improving, and distributing organizational security policies.
  • Conducted basic penetration testing on the security systems to evaluate the security policies implemented.
  • Oversee accreditation letters, network architectural designs, and local security policies and procedures.
  • Maintain active involvement in the development and implementation of security policies and procedures.
  • Developed security policies and implemented controls to protect data at HBO media productions.
  • Designed and implemented security policies, guidelines and procedures for distributed enterprise.
  • Conduct product ethical hacking and compliance verification with corporate product security policies.
  • Coordinated and implemented security policies and procedures for all managed clients.
  • Develop enterprise security policies in order to keep the environment protected.
  • Delivered and provided expert analysis of key security policies.
  • Assisted in development and implementation of technical security policies.
  • Complete high level documentation of security policies and procedures.
  • Developed corporate security policies and procedures.
  • Brief new hires to ensure prospective users are aware of, understand, and adhere to systems security policies and procedures.
  • Design, implement, and maintain security policies, change control policies, network layouts, and encrypted remote access solutions.
  • Managed and maintained security policies, as well as, develop and provided security awareness training to all staff.
  • Conducted information system audits, log analysis, and procedural reviews to verify compliance with the security policies.

Show More

7. VPN

high Demand
Here's how VPN is used in Security Engineer jobs:
  • Defined and troubleshoot site-to-site VPN connections.
  • Diagnosed and corrected network troubles, network performance as well as router and VPN connectivity issues for multiple clients.
  • Analyze IKE and VPN debugs using IkeView utility, with emphasis on Phase I and Phase II key exchange.
  • Tasked with designing and implementing a NetScaler Gateway 10.1 solution to provide SSL VPN capabilities for external users.
  • Designed VPN solutions to meet the connectivity needs of our clients as well as our security requirements.
  • Performed various configurations using the CISCO SDM like configuring VPN, Security Audits, Firewalls, VLANS.
  • Installed, configured, and maintained secure VPN tunnels for developers, creating an isolated development environment.
  • Specialized in PKI, VPN, and Desktop Security, and Implemented Authentication and Authorization solutions.
  • Configured VPN access and firewall rules to critical systems for remote monitoring and after hours support.
  • Implemented and maintained approved user access permissions for appropriate systems, including VPN remote access requests.
  • Supported the Build out of VPN and Remote access solutions for Site to Site/3rd Party connectivity.
  • Read router/VPN logs to determine security holes and take appropriate response within an immediate time frame.
  • Review VPN implementation proposals and Connection Profiles and making changes as per the business requirements.
  • Worked on PIX Cisco firewall, configured and connected all corporate branches via VPN.
  • Conduct WebEx session and assist Security engineers in troubleshooting Firewall-1 and site-to-site VPN issues.
  • Provided service to vendors setting up their VPN access and provided excellent customer service.
  • Configure Solar Winds access for external customer portal via SSL-VPN and PAT.
  • Experience in installing Site- Site VPN using ASDM and command line interface.
  • Build SSL-VPN at all sites for secure communication to internal network.
  • Work with business Partners Utilizing Cisco SSL_VPN access, and telnet.

Show More

8. Information Security

high Demand
Here's how Information Security is used in Security Engineer jobs:
  • Performed both internal and external security vulnerability/information security assessments.
  • Researched and participated in the development of system requirements, and evaluation and selection of various products for Information Security organization.
  • Created Information Security procedure documents that related to Information Security Policies and related to user provisioning and access roles.
  • Managed operational risk through program testing and monitoring by analyzing global information security standards to identify potential risk.
  • Experience in Information Security Platform by providing support on known/ unknown vulnerabilities/ threats found via security devices/ product.
  • Managed a team of information security professionals tasked with ensuring systems complied with company security and configuration requirements.
  • Coordinated Information Security audits for internal and external Auditors, including coordination for 3rd party penetration tests.
  • Participated in information security risk assessments and assisted in reducing user security awareness results by 15%.
  • Coordinated with the Information Security governance organization concerning acceptable solutions that meet corporate defined information protection standards.
  • Participated in the development of an Information Security and Privacy Policy for the protection of sensitive/regulated data.
  • Follow operational process and procedures to appropriately analyze and assist in remediation of critical information security incidents.
  • Analyzed output from popular information security tools to write detailed reports outlining incidents with resolution recommendations.
  • Provide routing/switching and information security services to the US Military Southwest Asia area of operations.
  • Directed activities of performing suppliers and vendors supporting global Information Security threat management initiatives.
  • Develop and maintain reports and alerts for Information Security operations and other business units.
  • Devised a strategic plan for information security risk management to meet regulatory requirements.
  • Improved overall security posture by ensuring adherence to information security policies and standards.
  • Serve as subject matter expert on application and information security technologies and methodologies.
  • Lead drivers to improve reliability of services and corporate compliance in information security.
  • Service owner directing the information security process, governing technical application risk assessments.

Show More

9. IDS

high Demand
Here's how IDS is used in Security Engineer jobs:
  • Key accomplishments included selection and implementation of an IDS solution and completion of a program-level security manual.
  • Managed security policy on IDS/IPS/Firewalls/Proxies/DLP & other advanced network and information security systems.
  • Demonstrated advanced level experience authoring and modifying IDS/IPS/WIDS signatures and configurations.
  • Installed and maintained security infrastructure, including IDS/IPS expansion.
  • Managed knowledge-based and behavior-based IDS systems.
  • Created IDS signatures to detect undesired or malicious network activity (APT, malicious code scanning, and payload propagation).
  • Developed and implemented IDS standards on Intrusion Detection Sensors, including remote management and monitoring of more than 15 IDS sensors.
  • Deploy, tune, and maintain Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).
  • Work with SIEM/IDS systems to monitor and provide incident resolution and response to all security alerts and events.
  • Perform duties on the Intrusion Detection System (IDS) by setting and manage users' accounts.
  • Install Cisco IDS for LAN and DMZ and manage it to provide report to the security administrator.
  • Served as a senior member of security team supporting customer's installation of ISS Real Secure IDS.
  • Configured IDS signature library for security group - set traps and notifications rules to enhance system throughput.
  • Reviewed network diagrams, confirmed accurate placement of IDS systems in network and identified security gaps.
  • Configured, optimized, maintained and analyzed IDS, firewall, encryption devices equipment and traffic.
  • Investigate and manage RealSecure Server Sensor host based IDS support issues escalated beyond the support team.
  • Worked with the service delivery manager to properly tune the IDS policy to meet business requirements.
  • Contributed to migration project from legacy IDS platform to an open source IDS architecture and platform.
  • Assured weekly patch updates and backups for all IDS/IPS capabilities were kept current and securely configured.
  • Migrate over 30,000 users which consisted of Application IDs, Process IDs, and Human Users.

Show More

10. Ips

high Demand
Here's how Ips is used in Security Engineer jobs:
  • Performed Certification for FIPS 199 High, Medium and Low watermark sensitivity level categorization information and information systems.
  • Maintain professional relationships with business units within Intuit to provide guidance regarding security projects.
  • Configured security policy within IPS and created security reports.
  • Manage vendor relationships including requirements gathering and product selection.
  • Worked as a member of the IPS-1 SmartDefense Research and Development group, developing signatures and protocol parsing engines for IPS-1.
  • Create HIPS exceptions and Firewall rules for Naval Tactical Command Support System (NTCSS) and other POR systems policies.
  • Maintained the companies IPS (Intrusion Prevention Systems) by ensuring that the Filters were updated on a regular basis.
  • Designed and maintained global security infrastructure utilizing Cisco Firewall, MPLS technology and Intrusion Prevention Systems (IPS).
  • Designed, configured, and deployed 18+ Cisco ASA firewalls providing IPSEC/SSL WebVPN access for viewing corporate camera systems.
  • Initiated a Firewall rules and IPS policy audit, to optimize performance and security of the current network.
  • Monitored activities relative to HSPD-12 and FIPS 201 directives and guidelines and updated the engineering team and management.
  • Upgraded 200+ WAN/LAN/MAN Cisco PIX/ASA firewalls, with and without IPSEC VPN tunneling, under strict time constraints.
  • Configure and maintenance of Intrusion Prevention System (IPS), using HP TippingPoint and McAfee IPS.
  • Assisted on the configuration and deployment of the IPS appliances and placed them inline on blocking mode.
  • Experience on creating custom IPS rules and traffic profiles to monitor traffic deviation and response to threats.
  • Installed and configured Cisco MARS, and Cisco 4200 IPS devices for event/threat correlation and detection.
  • Managed and supported Cisco IPS (version 5.1.4) sensors, signature ID's and process.
  • Monitored and maintained McAfee\Intel Secure Server (HBSS) modules to include DLP and HIPS tools.
  • Worked on administering of User accounts, Group memberships, and Organizational Units using Active Directory.
  • Contributed to the implementation of IPS to include network diagrams and fine tuning the IPS system.

Show More

11. Disa

high Demand
Here's how Disa is used in Security Engineer jobs:
  • Worked on Business Impact Assessment, Disaster Recovery and Business Continuity planning, preparation and documentation.
  • Implemented the Data Center Disaster Recover documentation Secured and applied patches on UNIX/Windows servers.
  • Developed processes and procedures for the steps involved in business continuity and disaster recovery.
  • Analyze various systems and architecture for proper Disaster Recovery and Fail Over configurations.
  • Provided ongoing instruction to relevant site personnel on disaster recovery and computer security.
  • Constructed an inventory of critical systems and developed comprehensive disaster recovery system.
  • Helped develop and test previously non-existent contingency plan / disaster recovery plan.
  • Developed, implemented, and upgraded Exodus' disaster recovery/business continuity plans.
  • Perform and document necessary procedures in support of Disaster Recovery exercises
  • Configured and tested Network Disaster Recovery for client.
  • Participated in Disaster Recovery exercises for mainframe systems.
  • Created new disaster recovery/Business continuity plan.
  • Develop Loop back driver to enable/disable users, assign resources on a set of preconditions, when the user is created.
  • Worked as a Security Engineer on a custom built application for the Defense Information Systems Agency (DISA).
  • Prevented systems from falling out of compliance and stopped end users from changing settings or disabling vital protection.
  • Implemented Tenable Log Correlation Engine into the DISA ACAS solution to provide event monitoring capabilities for JSP-Mark Center.
  • Completed 9 sites which have resulted in successful assessments and site connectivity to the DISA voice networks.
  • Work with clients to solve malicious network attacks, data breeches, and post-hack disaster recovery.
  • Participated in Six (6) disaster simulations increasing start-up time to over 85%.
  • PROFILE: SECURITY-DISASTER RECOVERY ENGINEER- This included heavy LAN/WAN experience, extensive Project Management experience.

Show More

12. Network Security

high Demand
Here's how Network Security is used in Security Engineer jobs:
  • Performed all signed network security analysis duties, including verification and validation of alarms, recommendation of remediation actions and procedures.
  • Learned detailed functional knowledge of DoD and/or DISA network security requirements, Information Assurance procedures and/or guidelines ensuring IAVA compliance.
  • Utilize network scanning tools and other security and audit tools to test for network security vulnerabilities and provide recommendations.
  • Assessed customer's current network and security architecture and recommend security solution configuration utilizing strong network security experience.
  • Assisted in the development and implementation of policies and procedures relating to information assurance and network security.
  • Designed and implemented network security and monitoring solutions based on commercial and open source software.
  • Researched, developed and implemented security controls and standards to minimize network security risks.
  • Provided wireless network security solutions to customers using a variety of Cisco products.
  • Installed and evaluated FreeBSD Unix systems as potential low-cost network security analysis workstations.
  • Evaluate, document, and followup on network security monitoring and authentication.
  • Developed and maintained relationships between corporate auditing team and network security staff.
  • Monitored and administered the network security through maintenance of existing products.
  • Provided network security and protection against unauthorized access and malicious intent.
  • Provided DIACAP documentation and training in Information Assurance and Network Security.
  • Partnered with university clients on configuration management of network security devices.
  • Designed and deployed network and network security solutions for campus/branch.
  • Approve proposed changes for network security infrastructure prior to implementation.
  • Review network security infrastructure configurations for compliance with published standard.
  • Researched, evaluated and selected Enterprise Wireless Network Security Solution.
  • Recommend network security standards to customer to present to management.

Show More

13. Checkpoint

high Demand
Here's how Checkpoint is used in Security Engineer jobs:
  • Conducted periodic reviews of Checkpoint firewall policies rule base for rules consolidation and cleanup in coordination with stakeholders.
  • Audited and analyzed Checkpoint and Juniper firewall rules and logs for unauthorized and abnormal traffic.
  • Installed and maintained CheckPoint Firewall running on Nokia Security Appliance in a clustered environment.
  • Perform weekly backups and storage of Checkpoint management servers and firewall configurations.
  • Enforced/Configured security policies within checkpoint Smart-Dash-Board: Configured DLP, URL filtering.
  • Managed Checkpoint management server for a complex Provider-1 Firewall environment.
  • Designed and deployed Delta Dental checkpoint security management infrastructure.
  • Administered and troubleshot firewall rules on CheckPoint firewalls.
  • Migrated CheckPoint management from SmartCenter Server to Provider-1.
  • Deployed Checkpoint Provider-1 R70 security management.
  • Utilized Checkpoint firewalls for perimeter hardening.
  • Implemented Checkpoint Provider-1 management console.
  • Installed, configured, and troubleshot the following devices: o Checkpoint Firewall NG/AI and NGX on Nokia and Splat platforms.
  • Upgrade, Maintain, Configure and support Checkpoint Management Server and Security gateway high availability using Cluster XL, VRRP.
  • Deploy and manage firewalls (Checkpoint, ASA, SonicWALL and NSX) throughout the company footprint around the world.
  • Performed Checkpoint firewall upgrade of 20 firewalls from Juniper SSG320M and SSG140 to Checkpoint R77.30.
  • Monitor Checkpoint VPN tunnel activities with smart view monitor and troubleshoot VPN issues with CLI.
  • Moved all 3rd party VPN's from legacy Cisco ASA firewall to Checkpoint firewall.
  • Install, configure, and create Firewall rules for small business, Checkpoint firewall.
  • Manage and improved the security of the corporate firewalls running CheckPoint and Cisco PIX.

Show More

14. Linux

high Demand
Here's how Linux is used in Security Engineer jobs:
  • Perform system level configuration changes on networking hardware, Windows and Linux systems in order to accommodate customer environments.
  • Provided vulnerability assessment of the Linux production network systems utilizing QualysGuard.
  • Developed strategy to perform automated testing on Linux systems.
  • Performed vulnerability scans for Unix/Linux environment.
  • Work includes proficiency at the command line (SSH), utilizing ForeScout utilities as well as Red Hat Linux commands.
  • Managed ~60 servers across various platforms such as Microsoft Server 2003, 2008R2, 2012 and Red Hat Linux 6.4.
  • Created and managed user accounts, security, rights, disk space and process monitoring in Red hat Linux.
  • Performed OS installation, hardening, security configuration, and audit for Linux, BSD and Win32 computing platforms.
  • Conducted analysis using Kali Linux environment and effectively neutralized DOS, DDOS, XSS and SQL Injection Attacks.
  • Initial SRR scan certification of all new Unix/Linux hosts in the LMP and DTCI hosting sites.
  • Served as primary IA tester for various Windows, Linux and Unix systems within each program.
  • Advanced working knowledge of Linux shell and working knowledge of Python, Perl, Bash scripting.
  • Scanned and created remediation plans for Windows, Linux, and Network devices across the agency.
  • Ensured GreenLancer is up to date on the status of security vulnerabilities in the Linux/Amazon/Windows/OSX worlds
  • Installed upgrades, kernel patches, systems configuration, performance tuning on Unix/Linux systems.
  • Installed and secured a Red Hat (Linux) server running Snort and ACID.
  • Work involves the configuration and deployment of Linux servers and vendor specific appliances.
  • Compiled and installed applications both manually for source and using Linux binaries.
  • Maintain and engineer systems that include Windows, Linux, and Cisco.
  • Run port scanning on all systems with Linux based scanner.

Show More

15. Incident Response

average Demand
Here's how Incident Response is used in Security Engineer jobs:
  • Established a formal procedure for tracking internal IT security incidents & ensured incident response & escalation procedures were followed.
  • Participated in security incident response team activities, provided and implemented tactical risk mitigation to incidents.
  • Developed a Security Incident Response process to help manage escalation notification from managed security service providers.
  • Coordinated technical incident response as well remediation activities on a Secret-level government network environments.
  • Maintained incident response, disaster recovery, business continuity, and evacuation plans.
  • Performed industry accepted standards and best practices related to incident response operations.
  • Program included: incident response/e-discovery/forensics, ITIL change management and vulnerability management.
  • Investigate intrusion incidents, conduct forensic investigations and mount incident responses.
  • Participated in the development and adoption of standardized incident response procedures.
  • Developed certification and accreditation documentation including Incident Response and Contingency Plan.
  • Authored, implemented and oversaw an enterprise-level incident response plan.
  • Function as technical expert during a security incident response.
  • Performed computer incident response, investigation, and mitigation.
  • Assist with security incident response and investigations as necessary.
  • Participated in incident response and recommended corrective actions.
  • Managed incident response for customer vulnerability findings.
  • Performed Security Incident Response for enterprise.
  • Developed the IS support and incident response model as well as participate in the design of the IS business model.
  • Engineered ArcSight reporting processes and implemented to inform and assist clients' incident response teams and security managers.
  • Act as a member of Security Incident Response team and the Change Review Board Main accomplishments:.

Show More

16. Assurance

average Demand
Here's how Assurance is used in Security Engineer jobs:
  • Provided independent validation that Information Assurance controls were properly deployed and tested across Air Force satellite terminal programs.
  • Cost estimations, Installation management, Quality assurance and acceptance testing relating to large High Technology Security Systems.
  • Analyzed general information assurance-related technical problems and provide basic engineering and technical support in solving these problems.
  • Promoted to IA/CND to advise military customer on information security regulatory requirements and train information assurance personnel.
  • Research, author and deliver recommendations for information assurance compliance of operating system and software end-of-life.
  • Supported Information Assurance of Mission operational systems to include working on Patch Management.
  • Perform a variety of routine project tasks applied to specialized information assurance problems.
  • Implemented digital signature capabilities onto National Geospatial-Intelligence Agencies' Software Assurance Forms.
  • Developed and instructed HBSS training for Lockheed Martin Information assurance officers nationwide.
  • Provide information pertaining to Information Assurance Vulnerability Management (IAVM).
  • Provided documentation of lessons learned and recommendation for Information Assurance.
  • Provided internal feedback for updating CC evaluation assurance documentation.
  • Qualified as a quality assurance inspector.
  • Provided Quality Assurance (QA) for security reports, metrics, and trending information used to brief senior level leadership.
  • Execute all aspects of Information Assurance Support including Certification and Accreditation of federal information systems in accordance with OMB and FISMA.
  • Apply information security and information assurance policies, principles, and practices in the delivery of all IT services provided.
  • Manage and track all Remedy tickets within DHS HQ Information Assurance ticket queue via Excel workbook, which I created.
  • Serve as the Information Assurance Vulnerability Manager for all GCCS-M baselines, ensuring Fleet and Shore site Information Security compliance.
  • Conduct testing as required to validate fixes for Department of Defense Information Assurance Vulnerability Management (IAVM) issues.
  • Developed test plans and test cases for manually testing software applications required in the CC independent testing assurance requirement.

Show More

17. Security Assessment

average Demand
Here's how Security Assessment is used in Security Engineer jobs:
  • Provided oversight and direction for security assessments, incident handling and response, and implementing enterprise anti-virus and two-factor authentication solutions.
  • Acted as an impartial representative for the DAA to conduct legacy systems security assessments to identify associated vulnerabilities and residual risks.
  • Participated in Computer Security Engineering Team, conducting computer security assessments of Air Force bases.
  • Created security assessment plan; examine artifacts and interview systems owner during the security assessment.
  • Conducted technical security assessments and recommend security upgrades to deter terrorism and technical espionage.
  • Briefed final security assessments and recommendations for security to the Department of State.
  • Performed hands-on investigations and forensic analysis, as well as security assessments.
  • Performed security assessments against new applications and systems to detect security vulnerabilities.
  • Performed security assessments using a variety of open-source tools.
  • Perform vulnerability testing, risk analyses and security assessments.
  • Involved in architectural design review and security assessment phases.
  • Performed security assessments of internal applications and projects.
  • Prepared and distributed security assessment reports to constituency.
  • Conduct security assessments of strategic operating units.
  • Reviewed and evaluated 3rd party security assessments.
  • Conducted social engineering, wireless security assessments.
  • Conduct Security Assessments for military installations worldwide.
  • Managed third party security assessment engagements.
  • Participated in root cause analysis, risk mitigation, security assessments, analysis of security threats, trends and architecture discussions.
  • Implemented Security assessments (using ISO 17799 2700x) of 3rd party partners to address risks for Corporate data and network.

Show More

18. Intrusion Detection

average Demand
Here's how Intrusion Detection is used in Security Engineer jobs:
  • Provided configuration and support for enterprise anti-virus, patch management, two-factor authentication, and intrusion detection/prevention and logging systems.
  • Performed risk assessments, threat assessments, intrusion detection, vulnerability/risk validation, and secure application development- revised network architecture.
  • Developed, tested and operated firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
  • Install and maintain intrusion detection devices such as microwave/passive infrared motion detectors and door contacts.
  • Monitored security audit and intrusion detection system logs for system and network anomalies.
  • Experience with Intrusion Detection/Intrusion Prevention System/ Wireless Intrusion Detection monitoring and analysis.
  • Network scanning and intrusion detection on products to ensure authorized individual access.
  • Designed network intrusion detection system and implemented supporting backup program.
  • Updated security issues, attack methodology and intrusion detection practices.
  • Experienced in managing firewalls, anti-virus and intrusion detection systems.
  • Assessed physical security including intrusion detection and social engineering.
  • Configure and install firewalls and intrusion detection systems.
  • Configured and managed Network Intrusion Detection Systems.
  • Planned and implemented various security projects including (Intrusion Detection Systems deployment, network monitoring, and network architecture).
  • Supported penetration testing, security applications, intrusion detection systems, and other counter measures for customer cost impacts.
  • Act as liaison between the 33 NWS and MAJCOMS for all intrusion detection incidents.
  • Update McAfee and Fire Eye Agents on end user nodes intrusion detection system.
  • Supported Intrusion Detection Systems using Real Secure to monitor the INS infrastructure.
  • Monitored ISS RealSecure for intrusion detection, and plan appropriate response.
  • Be proactive on any down or Intrusion Detection issues found.

Show More

19. Mcafee

average Demand
Here's how Mcafee is used in Security Engineer jobs:
  • Configured, installed and maintained McAfee endpoint security on management and policy servers.
  • Managed and configured all McAfee endpoint products in a way to maintain a balance between security and functionality on production networks.
  • Upgraded McAfee PortalShield from 2.0 to MSMS 3.0 and consolidated exclusions to minimize performance impact across all SharePoint versions.
  • Led international team of engineers through deployment of McAfee endpoint security solution to over 20,000 endpoints across three continents.
  • Lead projects to test and deploy McAfee security protection solutions for the corporate and retail environments.
  • Implemented McAfee DLP DCM to control and restrict the use of removable media on classified systems.
  • Performed change control modifications on Cisco ASA, McAfee Sidewinders, and McAfee web washers.
  • Assigned backup support of McAfee's Hercules and McAfee's Host Based Security System packages.
  • Created Virtual Machines using to effectively test McAfee policies, software distribution and scripts.
  • Helped to build McAfee agents for desktops and upgrade to the latest version.
  • Develop and apply rule sets to the McAfee (Sidewinder) firewall.
  • Support McAfee and wrote the policy for it for a few years.
  • Implemented McAfee Move to reduce performance overhead on Virtual Workstations and Servers.
  • Worked with customers and vendor McAfee on the key initiatives.
  • Manage the SQL 2005/2008 Databases for McAfee Vulnerability Manager.
  • Designated as lead engineer for all McAfee deployments.
  • Provided McAfee services and support to internal clients.
  • Maintained agency's McAfee web filter.
  • Managed Tumbleweed products for inbound and outbound email protection which provided identity validation secure file transport and antivirus using McAfee updates.
  • Assisted other Security team members in the installation and testing of McAfee Security products on Solaris and Red Hat Linux.

Show More

20. Internet

average Demand
Here's how Internet is used in Security Engineer jobs:
  • Conducted research, mitigation, and coordination of actions designed to reduce information security risk across internet facing presence.
  • Monitor network and systems vulnerability using ISS Internet Scanner and System Scanner for security assessment and compliance.
  • Developed and maintained F5 application security policies to protect Internet facing applications from common web application attacks.
  • Designed and implemented application integration strategies for legacy applications requiring Internet accesses for their users.
  • Performed authentication and validation of network access and corporate security for Internet access.
  • Provided security engineering services to a variety of e-commerce and Internet services companies.
  • Performed host security assessments and Internet vulnerability testing for a variety of companies.
  • Managed and administered internet filtering and web security solution and controls.
  • Provided Internet security, email security and electronic security.
  • Created new network topology of the Internet security environment.
  • Manage Internet content filtering infrastructure using Surf Control.
  • Performed stringent daily audits of the site's internet activities to monitor instances of waste, fraud, or abuse.
  • Performed pen testing on the internet facing and intranet facing applications and also on the network infrastructure of the client.
  • Deployed a single-threaded Internet Security Systems (ISS) SiteProtector 1.2 and 2.0 architecture to support monitoring and analysis operations.
  • Implemented and manage HP Open View Operations and Open View Internet Services which monitors vital IS processes and services.
  • Monitored Department of Defense (DOD) Internet Access Points (IAP) for potential Denial of Service Attacks.
  • Project Wildfire was EDS Common Office Environment (COE) initiative to tie EDS users to internet based resources.
  • Consulted on various projects concerning DMZ, vendors, internet application connectivity, and B2B design and implementation.
  • Implemented a split-brain DNS to isolate the First Chicago NBD networks from the Internet for additional internal stability.
  • Implemented and maintained security controls for the Company's internet sites, application services and WAN connections.

Show More

21. Active Directory

average Demand
Here's how Active Directory is used in Security Engineer jobs:
  • Provided support for Active Directory maintenance.
  • Design and implement the Active Directory forest architecture to synchronize with multiple clients AD domains and provide managed services to clients.
  • Write Scripts using PowerShell to automate all Active Directory processes including: Creating/Managing User & Service Accounts, Creating/Managing Security Groups.
  • Review and validate the privileged users and groups at Active Directory, Databases and application on a periodic basis.
  • Experience with Microsoft Active Directory including configuration of network and user Group Policy Objects settings, and LDAP querying.
  • Created Active Directory groups to allow secure access to Windows and UNIX/Linux platforms as well as file shares.
  • Recruited to provide consulting services on the design of Active Directory, specifically within the provisioning area.
  • Managed Active Directory account attributes, new user account creation, modification, termination, and deletion.
  • Assist IT Military Professionals in solving Network problems from Active Directory Issues to Router Configuration problems.
  • Analyzed and made changes to Active Directory Group policy for regulatory compliance and maintain best practices.
  • Create and manage User accounts, Service accounts and Security Groups in Active Directory and FIM.
  • Designed new Active Directory structure and oversaw the migration from previous domain to new domain.
  • Performed vulnerability assessment & penetration testing against the Windows, Active Directory & SQL environments.
  • Managed account creation and deletion in Active Directory as well as employee status changes.
  • Manage and configuring active directory (user, group, service and protocols).
  • Develop Active Directory driver (NetIQ Identity Management) to synchronize users and groups.
  • Experience on configuring Active Directory, DNS and DHCP on Windows 2012 R2 standard.
  • Manage Active Directory (Windows 2003, Windows 2008 and Windows 2012 Domains).
  • Developed organizational units in Active Directory (AD) and managed group policies.
  • Generate the report from Active Directory for active machines and Disabled machines list.

Show More

22. ASA

average Demand
Here's how ASA is used in Security Engineer jobs:
  • Configured Cisco 7204 routers which were also connected to Cisco ASA 5540 security appliances providing perimeter based firewall security.
  • Implemented new Cisco ASA's, installed the framework for Cisco ACI and implemented new F5 LTM's and GTM's.
  • Make configuration changes, based on change control requests, on Cisco PIX, ASA, switch and router devices.
  • Performed Cisco ASA firewall troubleshooting and policy change requests for new IP segments that come on line.
  • Engineer and design for company's VPN solution including both Cisco VPN 3030 and Cisco ASA 5510.
  • Developed solution on Zero downtime migration for ASA 8.2 or lower to 8.3 or 8.4 or higher.
  • Configure firewall rules on CISCO ASA to allow or drop traffic to and from different destinations.
  • Configured and maintained ASA firewall systems (Firewall Administration, Rule Analysis, Rule Modification).
  • Developed troubleshooting skills on basic HTTP, ESMTP, DNS, ICMP inspection on ASA.
  • Configured and Administered Cisco ASA 5585 firewalls which includes setting up the different zones.
  • Configured SITE_TO_SITE VPN on Cisco ASA 5500 series firewall between Headquarters and Branch office.
  • Worked on the migration project of Converting old PIX firewalls into new ASA firewalls.
  • Provided customer support service in the configuration and maintenance of ASA firewall systems.
  • Update ASA Firewall Policies using CLI and CSM on Cisco 5580's firewalls.
  • Contributed to setting up and configuration of CISCO ASA 5540 Firewalls on system.
  • Designed, configured, installed and ran Cisco 3060 and ASA VPN environments.
  • Configured and administered Cisco ASA, Cisco PIX and Cisco IOS firewalls.
  • Maintain security patches on appliances such as Cisco ASA 5510, 5512.
  • Well versed in both the Cisco ASA and PIX firewall security appliances.
  • Managed Cisco ASA Firewalls, and Cisco Iron Port appliances.

Show More

23. Nessus

average Demand
Here's how Nessus is used in Security Engineer jobs:
  • Provide direction and support for maintaining perimeter security with periodic penetration testing utilizing Nessus and GFI LAN Scanner.
  • Performed web application vulnerability scans and Pen testing utilizing SNORT, Nessus, client/configuration.
  • Performed vulnerability assessment and penetration testing using open source tools such as Nessus.
  • Executed Nessus vulnerability scans and generated custom reports for security analysis.
  • Manage and administer Tenable Security Center and Nessus for Vulnerability scans.
  • Performed vulnerability testing using tools such as Nessus and QualysGuard.
  • Run Nessus vulnerability scans and configure policies and configurations.
  • Installed and configured Nessus vulnerability scanner.
  • Executed targeted scans with Secure Elements and Nessus to verify that the desktop environments were compliant to FDCC standards.
  • Scan systems using AppScan and Nessus to identify vulnerabilities and ensure remediation has taken place on unacceptable risk.
  • Leveraged OpenSCAP and Nessus Security Scanner as an additional level of confirmation that benchmarks have been met.
  • Utilized Nessus to scan systems for vulnerabilities according to defined CIS benchmarks.
  • Provided enterprise scanning solutions through approved DoD scanning tool (Nessus).
  • Use Nessus Scanner to scan user desktops and Network devices for vulnerabilities.
  • Performed vulnerability scans & assessments for the Security via ISS and Nessus.
  • Performed OS hardening for baselines and applications using Nessus scanning software.
  • Implemented Scanning procedures using Retina- Nessus and Ip360.
  • Use Nessus and Tenable SecurityCenter.
  • Provide day-to-day management/maintenance of ArcSight devices Performed Nessus Vulnerability scanning/reported findings
  • Performed vulnerability scans using Nessus, Qualysguard and created report on high level vulnerabilities.

Show More

24. Nist

average Demand
Here's how Nist is used in Security Engineer jobs:
  • Supported distributed security administrative environment.
  • Change Management to highly sensitive Computer Security Controls to ensure appropriate system administrative actions, investigate and report on noted irregularities.
  • Developed a 64 page security assessment document for the current Security Administrators to use in remediation of security control weaknesses.
  • Provided system administration in specialized areas such as software, critical networked servers, data access/analysis, and academic research.
  • Established processes and guidelines for critical key controls in user access management, network connectivity, and firewall administration.
  • Created security policy and directed systems/network administrators and customer care technicians on the application of policies to customer hosts.
  • Test connectivity, credentials and coordinate with database administrators to ensure the entire environment is being covered.
  • Created user accounts, modified and deleted according to the environment using user administration in Active Directory.
  • Studied and analyzed client requirement to provide solutions for network design, configuration, administration and security.
  • Assisted network administrators, security consultants and business partners worldwide with advanced IP and security issues.
  • Provide technical direction for application implementations, including: architecture, configuration, and administrative support.
  • Gathered internal and external documentation as required by NIST for federal government enterprise security architecture.
  • Provided expert technical and procedural security engineering guidance to operational forces in Kuwait and Afghanistan.
  • Provide enterprise management of perimeter and internal firewall implementation, administration, day-to-day tasks.
  • Administer a process for patch management and vulnerability auditing, monitoring corresponding reports.
  • Provide patch compliance verification and remediation data to command and enclave systems administrators.
  • Provided backup support to Windows Active directory systems administration and data storage services.
  • Manage and administer Windows/3rd party Patch Deployment and status of overall network nodes/devices.
  • Provide guidance and support to UNIX security incident management and access administration teams.
  • Provided advanced security system monitoring for Administrators and end-users in network data security.

Show More

25. Access Control

average Demand
Here's how Access Control is used in Security Engineer jobs:
  • Developed and maintained an access control database used to track access security incidents.
  • Engineered and maintained access control mechanisms surrounding sensitive information.
  • Integrated municipal facilities in with access control system.
  • Access control check to identify the privilege escalation issues on various roles and ensuring the closure by overall framework implementation.
  • Performed PAM Operational tasks defining Access Control, User Entitlements, Management of Applications Credentials and User Access Policy Management.
  • Worked on Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management.
  • Collaborate with Architecture Solution team to improve AWS IAM access control using Microsoft AD federation and IAM Assume Role functionality.
  • Designed and implemented NAC (Network Access Control) for South Florida locations, 9 ships and 2 international offices.
  • Acted as a Sub-Contractor for Burglar Alarm, CCTV, Access Control, VOIP and network Point of Sale applications.
  • Worked with different teams understand the job responsibility and implementation of RBAC (Role Based Access Control) model.
  • Team member of two Engineers who were responsible for supervision maintenance and expansion of card access control system.
  • Created DMZ interfaces, Access Control Lists, and policy maps for new system deployments and routing changes.
  • Managed access using role based access control, administer user accounts, passwords, and password aging.
  • Implement access control and security policy per requests and providing level 3 support to the Security Analysts.
  • Created full security systems design for access control, CCTV, intrusion alarm, and intercom systems.
  • Install and configure Check Point firewall NG on (windows server) and maintain access control.
  • Configured route- maps and ACL (Access Control List) to secure and control WAN traffic.
  • Applied DOD and Information Assurance mandated security blocks and access control lists to routers and firewalls.
  • Created Access Control List and protected object Policies and authorization rules for fine grained access control.
  • Ensured appropriate management processes, access controls, monitoring, and auditing were present and acceptable.

Show More

26. PCI

average Demand
Here's how PCI is used in Security Engineer jobs:
  • Conducted Firewall assessment and vulnerability scanning and mitigation as required by the PCI-DSS.
  • Defined PCI-DSS requirements in identifying application-level issues and enforcing regulatory compliance.
  • Contribute to maintaining our PCI-DSS certifications through addressing regulatory requirements.
  • Give recommendations for hardening solutions within PCI Compliance regulations.
  • Assisted in risk management assessment, following SOX, GLBA, and PCI, HITECH/HIPAA guidelines throughout the BD sites globally.
  • Focus on credit card and PII encryption throughout PCI environment, from mainframes, to databases and Point of Sale technologies.
  • Provided corporate business continuity, information security, and PCI DSS consulting services to business groups internal to the organization.
  • Promoted from within to take a leading role in corporate information security operations and projects including PCI and SOX compliance.
  • Participate in organization wide audits, including PCI DSS self-audits, internal Infrastructure audits and third party due diligence.
  • Discovered remote vulnerability via fuzzing and alerted major PCI vendor to patch before any type of public disclosure.
  • Formed an internal controls and compliance function to quickly and effectively audit against PCI, HIPPA and SOX.
  • Assisted first time merchants with proper PCI Self Assessment Questionnaire (SAQ) selection and completion.
  • Led project for PCI/SOX/HIPAA in which vulnerability scanning and mitigation was conducted as required by PCI-DSS.
  • Design and implemented firewall rules that satisfies client requirement and conforms to PCI-DSS security requirements.
  • Named 'Employee of the Quarter' for work on initial PCI level one validation effort.
  • Developed and maintained policies for the detection of sensitive/regulated data (PII, PCI).
  • Work as part of an interdisciplinary team to achieve project milestones (PCI Data Masking)
  • Facilitated PCI DSS 3.0 compliance certification of production cloud environment in just 2 weeks.
  • Assist in PHI audits as it relates to compliance with HIPAA and PCI regulations.
  • Supported security information and event management (SIEM) in an AWS PCI environment.

Show More

27. System Security

average Demand
Here's how System Security is used in Security Engineer jobs:
  • Develop technical comprehensive reports including assessment-based test findings, outcomes and propositions for further system security development.
  • Ensured compliance for DoD system security policies for unclassified and classified government networks and equipment.
  • Maintained System Security Authorization Agreement (SSAA) documentation packages for each assigned weather system.
  • Assisted with developing and maintaining the System Security Plan for major Information Technology systems.
  • Performed IT security certification & accreditation and conducted system security tests.
  • Implement system Security Contingency planning for data recovery and availability.
  • Design system security architecture and develop in depth security designs.
  • Generate and maintain system security and accreditation documentation.
  • Assessed assigned system to determine system security status.
  • Developed and implemented the Information System Security Program.
  • Identified and defined system security requirements.
  • Provided specific and detailed technical guidance for modifying and enhancing the National Computer Center (NCC) Information System security posture.
  • Perform non-technical security tasks such as contributing technical information to sections of the System Security Plan (SSP).
  • Assigned as the DTS Information System Security Officer, identified potential threats and responded to reported security violations.
  • Provided system security certification and accreditation for the Air Force Weather Agency (AFWA) computer systems.
  • Drafted eight information system security audit reports for FAA s Aviation Safety division (AVS).
  • Ensured that system security requirements are addressed during all phases of the system life cycle.
  • Developed System Security Plans and performed FIPS 199/NIST 800-60 Sensitivity Assessments and Risk Impact Assessments.
  • Assisted in writing, reviewing, and coordinating System Security Accreditation Agreements (SSAA).
  • Participated in the development of aggregate AIS System Security Plans for various systems of USPTO.

Show More

28. Troubleshoot

average Demand
Here's how Troubleshoot is used in Security Engineer jobs:
  • Outsourced security troubleshooter, auditor, and documentation specialist for Fortune 50 companies.
  • Involved in troubleshooting network traffic and its diagnosis using Linux operating system servers.
  • Provide operational support for client security devices including hardware and network troubleshooting.
  • Preformed packet analysis in the discovery of network intrusions and system troubleshooting.
  • Mentor junior engineer on troubleshooting and writing method and procedures documents.
  • Provided level two support and troubleshooting without any further escalation.
  • Provide third-level troubleshooting support for DLP security applications and appliances.
  • Involved in troubleshooting and monitoring the unidentified traffic on Network.
  • Provided technical and troubleshooting support and solutions to personnel worldwide.
  • Involved in troubleshooting aforementioned firewalls on a daily basis.
  • Monitor and troubleshoot customer network devices within their environment.
  • Perform new firewall installations, configurations and their troubleshooting.
  • Performed advanced troubleshooting activities related to security events.
  • Provided customer-stakeholder troubleshooting for corporate and divisional teams.
  • Monitored and troubleshoot production and corporate network issues.
  • Performed troubleshooting and remediation on applications and services.
  • Performed troubleshooting of traffic for new applications.
  • Performed troubleshooting and testing of equipment.
  • Assisted clients with in-house application troubleshooting.
  • Performed troubleshooting on various systems.

Show More

29. SQL

average Demand
Here's how SQL is used in Security Engineer jobs:
  • Developed prototype network vulnerability reporting tool using Perl and MySQL, integrating information from multiple tools in a central database.
  • Create access risk metrics and reports using SQL server reporting that goes up to a management committee.
  • Updated built-in scan templates, host detection profiles, and scanner controls including PostgreSQL support and storage.
  • Create ETL processes for importing access data into SQL databases via SSIS and SQL stored procedures.
  • Search user account, security groups identity using Microsoft SQL query commands and syntax.
  • Advance knowledge of Java based application Server architectures such as MYSQL, Tomcat.
  • Defined & created standard Groups and Roles for Oracle and SQL Server Database.
  • Established test servers on Amazon for MySQL databases using AMI's.
  • Performed hardware upgrade for application running on SQL Server 2000.
  • Identified issues like SQL injection, XSS, CSRF etc using Burp Suite.
  • Optimized ePO related policies & tasks, and shared duties for server O&M, to include SQL DB management
  • Maintained SQL databases (MySQL and SQL Server) with DBA (virtualized using XenServer 5.0).
  • Installed and configured Microsoft Clustering with SQL databases on IBM X-series, BladeCenters, HP Proliant.
  • Develop monthly report for client Oracle, SQL server, ColdFusion, systems integration expert.
  • Analyzed and resolved security faults (iframe attacks, SQL injection, DDOS).
  • Perform both manual and automation vulnerability assessment using tools like burp suite, SQLMap.
  • Customized WordPress plugins/themes utilizing Javascript, CSS, PHP, MySQL and PostgreSQL.
  • Used SQLmap to dump the database data to the local folder.
  • Identified attacks like SQLi, XSS, CSRF, logical issues.
  • Developed server-side functionality utilizing Drupal, custom PHP, and SQL queries on PostgreSQL database.

Show More

30. Juniper

low Demand
Here's how Juniper is used in Security Engineer jobs:
  • Conducted reviews of Juniper firewall/IDP logs for suspicious activities and took appropriate actions for unauthorized access attempts.
  • Analyze and translate rules from disparate environments and integrate into Cisco and Juniper environments.
  • Assisted with the design, monitoring and operational support for enterprise Cisco/Juniper network.
  • Maintain tiered security environment using CISCO and Juniper devices.
  • Provided escalation support from juniper level analyst.
  • Performed troubleshooting on network connectivity and latency issues using various Cisco and Juniper command line and other utilizes and tools.
  • Mitigate the audit risk by assisting admin users migrate to Juniper SA Series SSL VPN solution for all management traffic.
  • Upgraded all Check Point and Juniper NSM management platforms to latest approved versions.
  • Configured and maintain SSL VPN remote access using Juniper SA-6000's.
  • Lead Engineer in designing and testing Juniper Firewall Service offering.
  • Manage, troubleshoot, configuration of Cisco and Juniper firewalls.
  • Supported Juniper Firewalls using Unix Shell Services.
  • Interacted daily with Juniper's Resident and Sales Engineers (RE's, SE's), and Q1 experts.
  • Worked with NSM and ScreenOS, on the Juniper ISG2000's.
  • Configured baseline configuration for new Check Point and Juniper Netscreen firewalls prior to deployment.
  • Administer Juniper SSG series firewall in HA cluster, as well as a pair of Juniper SSG-5 vpns.
  • Managed and configured Juniper Netscreens, SRX, SA, EX, and J series platforms.
  • Managed and supported client based VPN systems(CIsco and Juniper) for employees and vendors.
  • Experience on Juniper SRX series firewalls, adding policies for natting through the F5.
  • Included hands on support for Juniper Network environment (SSL-VPN SA-6000, UAC-IC 4500, Netscreen and Junos Firewalls).

Show More

31. DOD

low Demand
Here's how DOD is used in Security Engineer jobs:
  • Provide IA Security Engineering and Certification and Accreditation of Multi-Security Level Systems in support of DoD to achieve/maintain IA certification.
  • Developed multiple Certification and Accreditation test procedures for DoD DITSCAP Certification and Accreditation projects.
  • Audit information systems against DoD regulations validating its compliance.
  • Performed Enterprise Architecture and policy definition roles for Joint Information Environment (JIE) transformation of DoD networks and information systems.
  • Acted as the Lead and primary point of contact to the DOD Traveler community for all matters concerning DTS Security.
  • Evaluated the security of DOD workstations, servers, and technologies and developed security rankings based of uses and risks.
  • Analyzed and tested Windows and UNIX based tactical systems in accordance with DoD configuration policies and the Common Criteria.
  • Collaborated with DISA IRRT to aid with the categorization of incidents as specified in DoD CJCSM 6510.1 instructions.
  • Develop and maintain Assessment and Authorization packages IAW DoDI 8510.01 and the Authorizing Official's additional requirements.
  • Utilize continuous monitoring concepts and tools to assess and measure the risk state of the DoD enterprise.
  • Researched and viewed incidents in DoD Joint Certification database (JCD) for computing related incidents.
  • Provided training on DoD compliance requirements and utilization of the Retina application to worldwide client base.
  • Hired by DoD contractor to evaluate and implement security systems to protect installations in Eastern Europe.
  • Engineered and implemented E-eye REM/Retina client/server application used by DoD to ensure IAVA compliance worldwide.
  • Reported and reacted as instructed in DoD instructions (CJCSM 6510.1).
  • Configured Network to comply by NISPOM standards as required by DoD.
  • Performed IAVM compliance and reporting services in accordance with DoD guidelines.
  • Position summary: Security sales engineer for all non-DOD Federal Agencies.
  • Manage local DHS/DoD IAVM notification, tracking and reporting system.
  • Worked with DOD and Netscape to support split key technology.

Show More

32. Siem

low Demand
Here's how Siem is used in Security Engineer jobs:
  • Utilized various security monitoring applications SIEM, Packet Analyzer, Flow Analyzer.
  • Perform SOC-Ops duties (Security Operations Center Operations) for customers & partners utilizing the 100% Proprietary Elastic-SOC SIEM platform.
  • Conduct monthly analysis of vulnerability and threat data from SIEM tool to maintain and enhance the defenses for AFS information systems.
  • Completed Preliminary assessment of the LogRythm SIEM instance and provided recommendations for changes to configuration and choice of log sources.
  • Create Ubuntu 14.04 based SIEM Sensors/Collectors for customer distribution in accordance with Hybrid Cloud infrastructure customer deployment & setup.
  • Used RSA Envision's SIEM to manage and engineer IDPS and Firewall reporting and alerting for 400+ business customers.
  • Coordinate and advise on SIEM POC reviews and trials for senior management as well as additional stake holders.
  • Configure and deploy Security Information and Event Management (SIEM) systems, tune and maintain them.
  • Reviewed security logs on a daily basis and launched investigations using the internal SIEM platform, LogRhythm.
  • Fix or enhance configurations for customer accounts, plugins & assets on the Elastic-SOC SIEM platform.
  • Acted as senior security analyst evaluating SIEM data and alerting customers to threats and remediation needs.
  • Evaluated, planned and engineered a SIEM and Vulnerability Management Program for the Service Provider Network.
  • Maintain and monitor potential attacks using and IPS tool with the correlation of our SIEM.
  • Worked on level 1 and 2 security incidents and event management using IBM Qatar SIEM.
  • Managed detective controls (SIEM) and investigated adverse security events, as appropriate.
  • Designed and implemented open source SIEM to monitor events across all systems.
  • Create periodic reports for management showing the health of the SIEM program.
  • Worked with other departments to introduce new log sources into SIEM.
  • Help develop internal and external McAfee SIEM training courses and tools.
  • Use SIEM tools to correlate events to see full history.

Show More

33. Security Requirements

low Demand
Here's how Security Requirements is used in Security Engineer jobs:
  • Recommended resolutions for security issues and breaches, and substantiated links between documented security requirements in a secure environment.
  • Review technical and non-technical security requirements (i.e., controls) to identify good candidates for automated monitoring.
  • Communicate with outside vendors of security equipment/software and develops custom specifications to ensure compliance with DOE security requirements.
  • Worked many projects supplying security requirements, risk assessments, other security consultancy as required.
  • Recommend new security service development ideas based on accumulated knowledge of project-specific security requirements.
  • Work with agency management and technical personnel to determine specific needs and security requirements.
  • Reviewed work plans and designs and advised on improvements based on security requirements.
  • Gather security requirements and provide guidance to comply with Corporate Security policies.
  • Conducted multiple vendor assessments based on HIPPA Security requirements.
  • Ensured fulfillment of security policies and security requirements.
  • Design solutions for security requirements.
  • STRIDE assessment of the applications during the design phase, identifying the threats possible and providing security requirements.
  • Performed site visits and worked with vendors throughout the I3MP process to ensure security requirements were being implemented.
  • Consult with clients and stakeholders to assess risks and to determine security requirements for planned upgrades.
  • Evaluated COTS and developed vendor products to ensure the system's design met security requirements.
  • Patch, upgrade, and maintain existing systems to meet latest security requirements.
  • Performed testing to verify that the TOC meets all security requirements.
  • Gather network and security requirements from clients and design solution.
  • Assist Cloud and Mission programs address security requirements.
  • Collaborated in the security architecture and design assessments of new products and marketing opportunities, to ensure security requirements were addressed.

Show More

34. Information Technology

low Demand
Here's how Information Technology is used in Security Engineer jobs:
  • Company provides creative business and information technology solutions for a large and diverse clientele.
  • Worked in the United States Army Medical Information Technology Center (USAMITIC) in a tier 3 escalations Security Center.
  • Coordinated approvals for laptop SSAA and Personal Information Technology Device User Statement (e.g., for Palm Pilots).
  • Maintain rule set for Cisco firewall devices and provide support to other departments in Information Technology.
  • Supported Center for Information Technology helpdesk and provided tier III technical assistance.
  • Implemented end user security awareness training programs, testing the knowledge of security compliance in relation to areas of information technology.

Show More

35. Symantec

low Demand
Here's how Symantec is used in Security Engineer jobs:
  • Provided technical analysis and application security review (recommendations) for Symantec ATP
  • Manage and document Symantec Endpoint Protection v12 installation and configuration.
  • Utilize HTML skills and understanding of java script to troubleshoot web design & development issues with Symantec related web based products.
  • Served as a Big Data SPLUNK 3 and 4 and SSIM 4(Symantec Security Information Manager) System Administrator.
  • Deploy Symantec Endpoint Protection 12.x to 14K+ Windows, Mac, and Linux client On-Prem and in Cloud.
  • Deployed and Managing Enterprise wide Symantec Endpoint Protection system to 15,000 clients across multiple regions and 400+ offices.
  • Expand Symantec Data Loss Prevention to new data centers and after corporate acquisitions and support the solution.
  • Designed and Implemented Symantec Control and Compliance Suite to scan systems enterprise wide including secure regulated network.
  • Tested and implemented the GuardianEdge(Symantec) disk encryption environment for the company's 2000+ laptops.
  • Perform malicious scans on specific assets and resolve client issues with Symantec Endpoint Protection including version upgrades.
  • Key contributor to the Symantec Endpoint Protection 12 implementation project for rules and endpoint classification.
  • Subject Matter Expert (SME) for Symantec Anti-Virus Corporate Edition version 9, 10.
  • Managed endpoint security via Symantec Client Security, LanGuard GFI, and Tumbleweed Email Firewall.
  • Head a project to institute full disk encryption on laptops using Symantec Enterprise Encryption.
  • Coordinated with other organizations, both internal (CSIRT/SOC), and Symantec manufacturer support
  • Migrated Symantec Enterprise Servers running on Windows Server 2003 to the newest release.
  • Re-mediated malicious logic codes using Symantec Endpoint Protection and Microsoft Antigen for Exchange.
  • Install and manage Symantec Endpoint Protection v12 Management Console and deployment server.
  • Gained training in RedHat Linux, LogRhythm, and Symantec DLP.
  • Implemented and administered Symantec Endpoint Protection Manager (SEPM).

Show More

36. Security Solutions

low Demand
Here's how Security Solutions is used in Security Engineer jobs:
  • Provided technical support in network assessments and product evaluations to provide analysis while recommending changes for implementing improved security solutions.
  • Develop documentation of the security requirements, high-level design, detailed design, and implementation for the security solutions.
  • Recommend additional security solutions for enhancements to existing security solutions to improve overall enterprise security.
  • Conducted studies of new security technologies to provide more efficient and cost effective security solutions.
  • Provide technical research for available security solutions to commercial and government vulnerability issues.
  • Implement security solutions according to Security Policy and Practices established by the Client.
  • Assist with information system security engineering, security solutions, and security guidance.
  • Researched security solutions and developed pen testing capabilities for internal security auditing.
  • Research, identify and certify information security solutions to mitigate information risks.
  • Test security solutions in an isolated environment using industry standard analysis criteria.
  • Reported audits and security solutions directly to the president.RFL: Contract complete
  • Review customer requirements and provide detailed AUTOCAD drawings of security solutions.
  • Collaborate with Infrastructure and Security teams to implement required security solutions.
  • Provide migration plans from old security solution to new security solutions.
  • Achieved seamless transition and integration of new security solutions.
  • Test security solutions using industry standard analysis criteria.
  • Conducted functional testing of security solutions like Novel single sign on, RSA two factor authentication, SIEM and DLP.
  • Engineer security solutions for updating legacy systems in effort to comply with new Joint SAP Implementation Guide (JSIG).
  • Provide security solutions for hardening the Agencies' Red Hat and Debian Linux systems maintained within the Information Assurance Division.
  • Performed detailed technical gap analysis of multiple vendors' security solutions and drove requirements back to product teams.

Show More

37. Cyber

low Demand
Here's how Cyber is used in Security Engineer jobs:
  • Monitor CyberArk reports and respond to failed password verification alerts and work with system account owners to resolve failure alerts.
  • Conduct Pre-Cyber Command Readiness using Security Technical Implementation Guides (STIG's) at USCG sites.
  • Involved in CyberArk significant updates from 8x to 9x versions for domestic and worldwide clients.
  • Worked with CyberArk utilities, PAR explicate, PACLI and PAR client.
  • Communicate and coordinate with USCYBERCOM and Combatant Command (COCOM).
  • Resolved CyberArk issues in CPM communicate with host to reconcile credentials.
  • Served as a liaison/ Project lead for deployment and migration of Verizon production applications from VeriSign Digital Certificate to Cybertrust Certificates.
  • Provide expertise supporting organizations to select and deploy the appropriate solutions to improve their cyber defenses within budgetary constraints.
  • Promoted security awareness among the organization staff and stakeholders through formal cyber security training classes.
  • Discover vulnerabilities within the Marine Corps Network while simulating current real Cyber threats to NationalSecurity.
  • Provide Customer and Partner feedback regarding cyberthreats, via log-correlation based analysis.
  • Lead weekly training sessions for offshore security analysts on investigating cyber attacks.
  • Developed new Cyber Security Guidelines for consideration for inclusion in 10CFR73.55.
  • Researched cyber security and recorded any discrepancies found in database.
  • Contributed on a continuing basis to related cyber security documents.
  • Supply Technical writing for cyber security monitoring and escalation.
  • Developed the initial Cyber Security Instructional Training for new hires, and revamped the required annual refresher course for all employees.
  • Provided cyber security support to the Boeing St. Louis Special Access Program (SAP) F-15 Simulator project under JAFAN.
  • Design architect for multiple specialized IT products of enterprise scale, requiring cyber security compliance, evaluation, and accreditation.
  • Plan and carry out security measures that monitor and protect sensitive data and systems from infiltration and Cyber Attacks.

Show More

38. Unix

low Demand
Here's how Unix is used in Security Engineer jobs:
  • Provide business solutions to resolve Unix security related issues escalated to the Unix security problem management team.
  • Facilitate solutions for secured communications within the Unix environment.
  • Provide training classes and mentoring to numerous business units on network architecture and cryptography of Windows and Unix environments.
  • Completed product upgrade application testing of Lotus Notes, Microsoft Exchange 2003, and UNIX/OMNI/FileNet.
  • Installed and configured SiteMinder Policy Server(6.x,12.x) on UNIX/Windows environments.
  • Used both Perl, and Unix based scripts to assist in conversions.
  • Reduced all open vulnerabilities on internal and DMZ Windows and UNIX systems.
  • Develop and update documentation relating to UNIX and web services security.
  • Perform Security patching and hardening for various UNIX platforms.
  • Developed several JDBC and Unix drivers to synchronize users
  • Secured Unix System Services on MVS systems.
  • EXecuted approved Change Management Records for PowerBroker software upgrades and policy configurations in test and production environments (Unix).
  • Installed, configured and tested successfully all CA eTrust Admin, Audit and Directory software in the Windows and UNIX environments.
  • Build detection rules in QRadar for over 50,000 Windows, Unix, and Mainframe log sources.
  • Assisted the UNIX Admin groups as needed in Tivoli problems, root and audit problems.
  • Installed Tivoli agent on all UNIX systems for internal backup.
  • Serve as subject matter expert for the UNIX and Intel team service catalog/support repertoire.. Windows server system support.

Show More

39. RSA

low Demand
Here's how RSA is used in Security Engineer jobs:
  • Designed and integrated Snorkel server with support of commercial strength RSA, DSA and DH Keys to secure the application server.
  • Plan and complete company-wide deployment of laptop encryption using PGP Universal Server, including laptops used by senior executives.
  • Configure, maintain, and manage the RSA Security Console along with the distribution of hard and soft tokens.
  • Led the development, planning, and implementation of RSA Authentication Manager and SecurID client software.
  • Managed and supported the TNSI 2-Factor authentication service on the RSA Authentication Manager.
  • Installed, maintained, and upgraded VIRSA/SAP GRC suite of security products.
  • Open FW rules for proper communication between RSA servers.
  • Configure RSA DLP solution to prevent data leakage.
  • Maintain authentication tokens for an RSA SecurID system.
  • Project member of RSA ASE/Server for SecureID.
  • Configured RSA AM 8.1 and supporting replicas.
  • Head Engineer for the RSA SecureID product.
  • Build new RSA 8.1 environment.
  • Created and applied ACI rules for Enterprise Directory attribute-driven application access for RSA Cleartrust application.
  • Developed universal forwarder procedures for unattended installation and multi-fold software instances on single systems.
  • Developed prospect list, presented proposal presentations, oversaw new jobstart-up and account management.
  • Worked on Directory Traversal attacks manually Implemented Agile Methodology to follow the work flow process.
  • Configured RSA devices with Centos and RSA proprietary software for deployment to the field.
  • Implemented RSA DLP (Data Loss Prevention) and designed data workflow documents.
  • Configured Windows servers to allow RSA logins.

Show More

40. Security Issues

low Demand
Here's how Security Issues is used in Security Engineer jobs:
  • Verified requesting agent was authorized change control agent and advised customers of security issues.
  • Perform initial triage and technical due diligence of any externally reported security issues.
  • Investigated and provided expert advice on security issues to stakeholders and customers.
  • Participated in cross-functional or cross-organizational teams on security issues.
  • Perform research of emerging security issues and vulnerabilities.
  • Evaluate new security issues, tools and technologies, and provide directional advice to senior management and executives.
  • Scan Servers, Networks and other resources to validate compliance and security issues using numerous tools.
  • Developed policy and procedure for how security issues will be handle for all Pilot sites.
  • Monitor, and resolve security issues using the security tools provided with great success.
  • Worked with clients to resolve various security issues within the products.
  • Identify security issues and risks, and develop mitigation plans.
  • Create tickets for end-user security issues and incidents.
  • Address security issues escalated from tier 1.5.
  • Utilize Arcsight for internal security issues to research the IP to the user workstation and location.
  • Handled security issues in the AIX 5.3 migration project, including AIXpert.
  • Help team to remediate security issues with sample code.
  • Architected and implemented Alert Logic Log Manager solution that meets compliance requirements and identifies security issues across the environment.
  • Help team to remediate security issues with sample code Preparation of risk registry for the various projects in the client.
  • Reviewed ePO reports to ensure that proper actions are being taken related to security issues identified in the reports.
  • Solved complex cyber security issues, while working in a dynamic, responsive, and collaborative environment.

Show More

41. SSL

low Demand
Here's how SSL is used in Security Engineer jobs:
  • Established, maintained and configured secure communication using SSL certificate generation and exchange revised and modified as necessary to secure environment.
  • Created OpenSSL solutions for self-signed-certs in development environments.
  • Developed one of the first secure Web solutions, worked with standards bodies to refine PKIX, S-HTTP and SSL.
  • Developed a process for the creation, and client communication for all SSL certificates.
  • Installed SSL certificates via BASH shell to secure websites using PKI cryptography practices.
  • Help clients to install SSL and Code Signing Certificates on various OS platforms.
  • Implemented and helped design S3L, a lightweight fully symmetric SSL-like protocol.
  • Removed SSL v. 3 vulnerability from Windows 2008 IIS 7.5 web servers.
  • Requested, installed, tested and verified new SSL certificates.
  • Performed extensive overhaul of HTTP, SSL, MS-SQL and Radius protocol parsers.
  • Remediated and identified vulnerable SSL v3 hosts across the entire network.
  • Updated SSL certificates for all websites and Radware appliances.
  • Remediated SSL Heartbleed hosts in less than 24 hours.

Show More

42. DLP

low Demand
Here's how DLP is used in Security Engineer jobs:
  • Served as DLP Single Point of Contact / SME for enterprise and SPOC for vendor technical issues resolution.
  • Enforce effective data protection policies using industry standard data loss prevention (DLP) tool.
  • Crafted DLP policies on the Exchange server to prevent leakage of PII information.
  • Work with the Legal and HR teams on DLP investigations.
  • Review DLP policies and investigate violation via non-approved devices.
  • Assisted with the creation of the DLP escalation process.
  • Deployed, maintained DLP end point agents.
  • Configured Vontu DLP to maximize efficiency, data extraction, reporting, and business security.
  • Key Achievements Led and managed the selection for a DLP tool based on business requirements.
  • Manage clients ePO environment (agents, repositories, policies, DLP).
  • Implemented and maintained DLPe full protection.
  • Upgraded DLPe 9.3x to 9.4x.
  • Assisted with DLPe OCC audits.
  • Monitored enterprise DLP/Vontu DR failover testing and SMTP prevent testing.

Show More

43. PKI

low Demand
Here's how PKI is used in Security Engineer jobs:
  • Spearheaded and developed a Standard Operating Procedure for issuing Certificate Revocation Lists within a PKI environment.
  • Managed and maintained VeriSign MPKI Portal for all internal and external digital certificates.
  • Chair Certificate Advisory Board, to decide on directions and procedures for certificate and PKI management across the organization.
  • Performed security assessment of PKI Enabled Applications and Promoted a new and cost effective Plan against Phishing Attacks.
  • Coordinated deployment of PKI digital certificates using MS CA authority for 2 factor authentication on remote access solutions.
  • Developed Disaster Recovery strategy for the Enterprise Public Key Interface (EPKI) environment supporting Ford Sync.
  • Designed, engineered and implemented early PKI identity management solutions for E Commerce and E Business systems.
  • Assisted in training deployment teams for installation and end user experience with PKI software.
  • Provided third tier resolution of trouble tickets related to x.509 PKI certificates.
  • Worked to solve PKI, PKE, and digital signature issues.
  • Recommended final OSD PKI Single SignOn (SSO) solution.
  • Conducted a tutorial on PKI and LDAP basics.
  • Implemented PKI into Windows 2008/Windows 7 environment.
  • performed security assessment of PKI Enabled Applications.
  • Conducted security assessment of PKI Enabled Applications Performed pen testing of both internal and external networks.
  • Lead engineer for physical to virtual migration of all PKI systems at Department of State.
  • Developed the first large scale PKI solution for the government (Intelink).
  • Deploy virtual templates for PKI servers being virtualized from physical servers.
  • Developed and implemented the Disaster Recovery procedure for the Entrust PKI.
  • coordinated meeting with external participants to adhere to the agreed upon schedule Reviewed SSP and established an accredited lab for the PKI

Show More

44. Nmap

low Demand
Here's how Nmap is used in Security Engineer jobs:
  • Port scanned servers using NMAP and closed all unnecessary ports to reduce the attack surface.
  • Used NMAP and other industry standard COTS tools to complete C&A Packets.
  • Used Burp Suite, DirBuster, HP Fortify, NMap tools on daily basis to complete the assessments.
  • Performed network and system scanning with nmap and zenmap.
  • Perform security assessments of systems and applications utilizing Web Inspect, AppScan, Qualys and nmap.
  • Designed and wrote a web front-end for managing network port (nmap) scans.

Show More

45. Risk Assessments

low Demand
Here's how Risk Assessments is used in Security Engineer jobs:
  • Performed risk assessments and threat modeling to articulate the levels and types of security controls appropriate application/product initiatives.
  • Created Security Risk Assessments of Check Processing Services Project implementation and other projects.
  • Led several risk assessments and annual penetration tests and the associated remediation plans
  • Performed vulnerability/risk assessments and analysis on I3MP AIS using security related tools.
  • Performed initial and residual risk assessments using automated ISS Scanner.
  • Performed network risk assessments, vulnerability analysis and penetration testing.
  • Perform security risk assessments of technology components.
  • Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures.
  • Perform internal security risk assessments at the corporate Store Support Center (SSC) in the Atlanta area.
  • Conducted IT security risk assessments including, threat analysis and threat modeling (STRIDE, DREAD).
  • Perform security risk assessments on new technology and applications under review for use on the USCG network.
  • Performed security audits, evaluations, and risk assessments to make sure systems were in compliance.
  • Performed Risk Assessments for 3rd party vendors wishing to integrate their hardware/software onto the CHS network.
  • Performed risk assessments of the systems, create risk assessment report and document residual risk.
  • Utilized OWASP and Ounce Labs formal methodology to conduct code reviews and risk assessments.
  • Provide High level risk assessments, documentation of gaps, and mitigation controls.
  • Performed qualitative risk assessments of outsourced and new systems.
  • Documented and remediated security risk assessments.
  • Conduct onsite risk assessments for compliance with HIPAA Meaningful Use Implement program and oversee the maintenance of DLP software and hardware.

Show More

46. Application Security

low Demand
Here's how Application Security is used in Security Engineer jobs:
  • Perform penetration testing, application testing, web application security assessment, social engineering and wireless assessment.
  • Developed organizational wide application security training for developers, architects, senior managers, executives, etc.
  • Reviewed daily logs for network and application security controls, resulting in an improved security posture.
  • Identified gaps and identified solutions to improve risk management and application security practices.
  • Establish Application security review methodology for in-house and hosted environments.
  • Administered application security access for employees on multiple platforms.
  • Participated in committee developing web application security standards.
  • Established PepsiCo's application security program.
  • Network and application security monitoring.
  • Perform Mobile application security assessments.
  • Performed Static application security testing (SAST) and Dynamic application security testing (DAST) on production applications.
  • Performed manual application security testing on the everyday changes carried out in the application.
  • Perform onsite and remote security consulting including penetration testing, application testing, web application security assessment and Threat modeling.
  • Performed application security testing for stand alone and web based applications.
  • Architected Web Application Security solution architecture.
  • Provide services for Azure Information Protection, Cloud Application Security, Addolum, and IQProtector for Microsoft Clients.

Show More

47. Security Posture

low Demand
Here's how Security Posture is used in Security Engineer jobs:
  • Improved security posture by identifying and reporting on web and network vulnerabilities and included recommendations for improvement and tracking through resolution.
  • Supplied customers with recommendations on implementing new security technologies to improve the security posture of complicated environments.
  • Diagnosed complex networking problems in various environments and offered recommendation for building a hardened security posture.
  • Assisted and prepared for several security audits, resulting in the organization improving its security posture.
  • Interpret security requirements into technical solutions and analyze system configurations to determine security posture.
  • Monitored and managed computer security posture for a network comprising 1,514 computer systems.
  • Utilized industry tools to harden the organization's technical security posture.
  • Implement wireless penetration tests to assess compliance with established security posture.
  • Led the Information Vulnerability Management (IVM) process at ADNET to ensure compliance and increase the network's security posture.
  • Assessed current state of Security posture, and prescribed plan to Senior Management for improvement of Security over two years.
  • Develop and maintain customized scanning tools written in PERL and used to validate the security posture of network systems.
  • Initiated and participated in meetings with the stakeholders on improvement of security posture of the agency's assets.
  • Create reports based on log data for weekly reviews of internal security posture.
  • Assess security posture and document remediation for Air Force bases and tenant units.
  • Helped improved the security posture by staying current with the latest technology.
  • Assess security postures of various IS systems.
  • Spearhead the implementation of multi-factor authentication and single sign-on solution to increase security posture and streamline identity access management.
  • Inspected organizational units security posture to ensure security of their resources were adequately being protected from intruders.
  • Monitored security posture and security incidents in regards to trending outside and inside threat vectors.
  • Created and defined Nexpose vulnerability scanning rules for assessing security posture and compliance.

Show More

48. DNS

low Demand
Here's how DNS is used in Security Engineer jobs:
  • Designed a wide area Windows networks using, implementing DHCP/WINS/DNS, for all of General Motors Truck Plants.
  • Discovered improper use of DNS names across multiple applications and took initiative to correct it.
  • Implemented IP security measures and cured areas of DNS vulnerability.
  • Make internal and external DNS changes.
  • Maintain systems including: ACAS, Syslog, LogLogic, HBSS, DNS Servers, Cisco Servers and Firewall Management.
  • Work to ensure that F5 load balancers, 3DNS, GTM's are implemented, maintained and highly available.
  • Design the network and virtualization architecture - including DNS, replication, Routing, DMZ, DR etc.
  • Migrate Sony F5 3DNS 4.6.x to GTM 9.2.x global load balancers across two data center.
  • Maintained DNS security via DNS ACLs and other DNS security measures.
  • Maintain DNS appliances from Infoblox.

Show More

49. Vmware

low Demand
Here's how Vmware is used in Security Engineer jobs:
  • Designed and implemented Hyper-V environment for development teams; transitioned VMware machines to Hyper-V..
  • Provided security input for the VMWare implementation projects.
  • Assisted with the development of a new virtual server environment using Hyper-V and VMWare technology to replace all legacy servers.
  • Replicate customer's issues in a lab environment using VMWare and actual hardware (SPLAT, Nokia).
  • Installed and configured TIM/TAM using VMware server(Ubuntu) hosting WinServer 2012 domain and machines.
  • Configure VMWare View client to have access to VDI workstations.
  • Utilized Chef, Vagrant, and VMWare for deployment.
  • Utilized VMWare ESXi to run scripts written in Python, Ruby, PERL and C for testing purposes.
  • Designed and deployed Microsoft Hyper-V and VMWare ESXi.
  • Installed and Maintained Virtual Machines (VMs) using VMWare Vsphere, VmWare Workstation and Oracle Virtual Box.
  • Advanced working knowledge of cloud and virtualization management products in OnApp and VMware (ESXi).
  • Build and configured VMware virtual machine templates for Redhat/Centos 6 & 7 servers.
  • Support a large multi-site, multi-datacenter environment that utilizes VMware and VMotion techniques on NetApp grade SAN to deliver 24x7 availability.
  • Manage large scale cloud deployment utilizing Xen, OpenStack, and VMware.

Show More

50. F5

low Demand
Here's how F5 is used in Security Engineer jobs:
  • Designed a Highly Available Redundant network around the F5 that will provide total state full redundancy down to the port level.
  • Managed cloud-based security systems on behalf of F5 clients, providing real time mitigation and resolution of security events.
  • Engage directly with F5 clients who are under attack via phone, chat, email and/or ticketing systems.
  • Trained in F5 LTM Essentials, BIG-IP and ASM via internal F5 Instructor-led training and video modules.
  • Configured F5 LTM's for VIP's, virtual servers as per application requirements.
  • Configured and maintain GTM and LTM load balancing appliances from F5.
  • Conducted testing in the F5 Lab environment before going to Production.
  • Configure F5 BigIP GTM and LTM pools for critical applications.
  • Retained knowledge on the inter-workings of the F5 Big-IP.
  • Manage GTM/LTM via F5 Enterprise manager.
  • Upgrade the code in F5 LTM's in the lab environment and working on VIP's and Virtual servers configuration.
  • Provided real-time incident management of online fraud, DDoS or other security attacks targeting F5 clients.
  • Traffic capture using TCPDUMP and analytics profiles on f5 for further investigating the issue.
  • Performed updates and modified Palo Alto firewalls (F5).
  • Designed, planned, implemented DMZ using F5 load balancers.
  • Designed, deployed and support Firepass F5s.
  • Implement changes on switches, routers, F5 LTM load balancers.
  • Load balancer configurations such as F5 and Citrix and Cisco ACE and CSM.
  • Virtualized F5 Big ip for grid cloud operating system.

Show More

20 Most Common Skill for a Security Engineer

Firewall14.2%
Vulnerability Assessments11.8%
Web Application7.1%
Infrastructure7%
Windows XP6.9%
Security Policies5.9%
VPN4.2%
Information Security4.2%

Typical Skill-Sets Required For A Security Engineer

RankSkillPercentage of ResumesPercentage
1
1
Firewall
Firewall
8.9%
8.9%
2
2
Vulnerability Assessments
Vulnerability Assessments
7.4%
7.4%
3
3
Web Application
Web Application
4.4%
4.4%
4
4
Infrastructure
Infrastructure
4.4%
4.4%
5
5
Windows XP
Windows XP
4.3%
4.3%
6
6
Security Policies
Security Policies
3.7%
3.7%
7
7
VPN
VPN
2.6%
2.6%
8
8
Information Security
Information Security
2.6%
2.6%
9
9
IDS
IDS
2.5%
2.5%
10
10
Ips
Ips
2.5%
2.5%
11
11
Disa
Disa
2.2%
2.2%
12
12
Network Security
Network Security
2.1%
2.1%
13
13
Checkpoint
Checkpoint
2.1%
2.1%
14
14
Linux
Linux
2.1%
2.1%
15
15
Incident Response
Incident Response
1.9%
1.9%
16
16
Assurance
Assurance
1.8%
1.8%
17
17
Security Assessment
Security Assessment
1.8%
1.8%
18
18
Intrusion Detection
Intrusion Detection
1.8%
1.8%
19
19
Mcafee
Mcafee
1.7%
1.7%
20
20
Internet
Internet
1.7%
1.7%
21
21
Active Directory
Active Directory
1.7%
1.7%
22
22
ASA
ASA
1.7%
1.7%
23
23
Nessus
Nessus
1.6%
1.6%
24
24
Nist
Nist
1.6%
1.6%
25
25
Access Control
Access Control
1.5%
1.5%
26
26
PCI
PCI
1.5%
1.5%
27
27
System Security
System Security
1.5%
1.5%
28
28
Troubleshoot
Troubleshoot
1.5%
1.5%
29
29
SQL
SQL
1.5%
1.5%
30
30
Juniper
Juniper
1.4%
1.4%
31
31
DOD
DOD
1.4%
1.4%
32
32
Siem
Siem
1.4%
1.4%
33
33
Security Requirements
Security Requirements
1.4%
1.4%
34
34
Information Technology
Information Technology
1.3%
1.3%
35
35
Symantec
Symantec
1.3%
1.3%
36
36
Security Solutions
Security Solutions
1.3%
1.3%
37
37
Cyber
Cyber
1.2%
1.2%
38
38
Unix
Unix
1.1%
1.1%
39
39
RSA
RSA
1.1%
1.1%
40
40
Security Issues
Security Issues
1.1%
1.1%
41
41
SSL
SSL
1%
1%
42
42
DLP
DLP
1%
1%
43
43
PKI
PKI
1%
1%
44
44
Nmap
Nmap
1%
1%
45
45
Risk Assessments
Risk Assessments
1%
1%
46
46
Application Security
Application Security
1%
1%
47
47
Security Posture
Security Posture
0.9%
0.9%
48
48
DNS
DNS
0.9%
0.9%
49
49
Vmware
Vmware
0.9%
0.9%
50
50
F5
F5
0.9%
0.9%

31,669 Security Engineer Jobs

Where do you want to work?