Sr Infrastructure Security Eng

Job Summary

The Senior Infrastructure Security Engineer reports directly to the Director of IT Infrastructure with a dotted line to the Network and Windows teams in a matrix organization.   The engineer has responsibility for the integration and development of processes, tools, technologies, relating to security service offerings. 

Job Description

•    This individual will leverage leading-edge technologies, and innovative approaches to position Vicor for measurable success; improving efficiency, increasing security posture, supporting aggressive growth and improving the Security Operations program overall.  The individual will include skills to be a subject matter expertise in Enterprise Vulnerability Management, OT/IoT security, log management, and Cyber Security Risk Management and Mitigation.  
•    This role will also include implementing both Windows and Network devices with an eye toward secure best practices.  
•    This role will contribute to deploy and maintain systems, which include servers networking and desktop related security images and standards.  
•    Configure networks to ensure their smooth and secure/reliable operation for fulfilling business objectives and processes. 
•    Monitor network performance/security and troubleshoot problem areas as needed. 
•    Define and provide direction to our managed security service providers consistent with best practices.   
•    Create and maintain documentation related to network and server configurations, mapping, processes, and service records.  
•    Implement and maintain security policies, procedures, and associated plans for network administration and usage. 
•    Conduct research on security products, services, protocols, and standards to remain abreast of developments in the industry and provide solution recommendations as needed to meet business or application needs.  
•    Practice asset management, including maintenance of device component inventory and related documentation. Monitor/test security performance and provide related metric reports.  
•    Oversee new and existing equipment, hardware, and software upgrades. 
•    Coordinate the establishment of processes, procedures and documentation to insure 7 x 24 availability of local/wide area networks and servers.  Working outside of normal hours is expected along with providing on-call support coverage. 
•    Define security policies and translate them into specific technical guidance for IT and business teams.  
•    Develop technical solutions to help mitigate security vulnerabilities and automate repeatable tasks.  
•    Administer security-focused information systems, such as identity management, data loss prevention, SIEM, and eDiscovery/forensics.  
•    Perform (or coordinate) vulnerability and penetration testing and manage remediation of systems in response to findings. 
•    Collaborate with other infrastructure engineering personnel to assess near- and long-term network capacity needs. 

Education / Qualifications

•    Bachelor's degree in Computer Science, or equivalent 
•    10+ years of direct experience with networking and Windows with over 5 years as a Cybersecurity Professional
•    Network, Windows or Cyber Security certifications are highly desirable and are a plus
•    Knowledge of TCP/IP, VLANS and routing protocols along with troubleshooting techniques with network management software. 
•    Demonstrated experience with successful provisioning of network and windows design implementation as well as experience with network capacity planning, network & windows security principles, and general network management best practices. 
•    Demonstrated experience with managing third party vendors and managed service providers consistent with industry best practices. 
•    Solid understanding of IT security principles including identity, access management, compliance, cloud security, encryption, Data Loss Prevention Software, Privileged Access  Management Software and SIEM
•    Strong knowledge of network equipment, including Cisco routers and switches, Firewalls, Site-to-Site VPN, and TLS remote access required.  Specific experience and strong technical knowledge working with Cisco routers, Switches, and Security appliances
•    Experience with Linux and Windows controls including patch management, security hardening, AV, and other endpoint security solutions with security tools/technologies such as single sign on, audit management, TDR, Spam, and DLP software tools etc. 
•    Competence with security testing tools and procedures for network and server environments
•    Strong interpersonal, written, and oral communication skills and be highly self-motivated and directed, with keen attention to detail & customer focus
•    Knowledge of secure voice and wireless communication is a plus
•    Able to conduct research into Server, networking and security issues as required with proven analytical and problem-solving abilities along with effectively prioritizing tasks in a high-pressure environment with strong customer service orientation and experience in a team-oriented, collaborative environment.