Sr Security Engineer - Network Infrastructure - Full-time / Part-time

POSITION PURPOSE -
The Home Depot has an immediate need for a security assessor with experience with network infrastructure to join its internal security team. The candidate will help The Home Depot secure one of the world’s largest retail enterprises. The candidate must have a deep passion for information security, specifically routing, switching and firewall security and system audit. Team members will also provide Subject Matter Expertise to engineering teams on various security topics such as device hardening, access control, identity management, application and web development, database security, etc. Working with the organization, the security team member will be responsible for performing a wide variety of system assessments to include system hardening, application authentication and authorization as well as one off system review. The candidate will work with infrastructure teams to ensure that new systems have been properly secured prior to being deployed. The ideal candidate will exhibit leadership skills, will be forward thinking and will be able to work effectively in a diverse, highly talented team that is continuously striving for excellence.

The Sr. Security Engineer utilizes extensive business knowledge and strong technical experience of security to provide a secure information environment for the business. Investigate violations of Information Security Policies from Security and Associate analyst by analyzing forensic data using standard security tools and processes Develop recommendations for escalation to the Lead Security Analyst for appropriate action. Develop Disaster Recovery and Business Continuity strategies. The purpose of the position is to provide effective Information Security services that: Continuously protect our critical information assets and brand name. Assure compliance with corporate and regulatory policies/standards & industry best practices. Simplify, enhance and enable business initiatives. May perform the function to automate access provisioning across supported systems and applications along with defining and providing audit reporting.

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUN We are an Equal Opportunity Employer and do not discriminate against applicants due to race, ethnicity, gender, veteran status, or on the basis of disability or any other federal, state or local protected class.

MINIMUM QUALIFICATIONS -
Must be eighteen years of age or older.
Must pass the Drug Test.
Must successfully complete any required training or orientation courses.


EDUCATION REQUIRED -
The knowledge, skills and abilities typically acquired through the completion of a high school diplomas and/or GED.

YEARS OF RELEVANT WORK EXPERIENCE - 3


PHYSICAL JOB REQUIREMENTS -
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.

ADDITIONAL QUALIFICATIONS -
Working knowledge of one or more of the following InfoSec solutions: Anti-Virus, intrusion detection, firewalls, content filtering, rick assessment.

PREFERRED QUALIFICATIONS -
Industry certifications - CISSP, CISM, CISA, CCFE, GIAC, CCIE, CCSP, CBCP, ABCP, MBCP.

• An understanding of routing, switching, firewalls and VPN infrastructure
• Comfortable securing network devices
• An understanding of networking protocols
• Experience performing system technical assessments
• 2+ years of experience performing security test against network equipment
• Experience using penetration testing tools such as Nmap, Metasploit, Burp Suite Pro, Wireshark, Aircrack-ng suite, etc.
• An understanding of a scripting language, python preferred.
• An understanding of PCI-DSS
• Experience conducting mobile application security assessments is a plus
• Excellent written and verbal communication skills
• The ability to work both independently and as part of a team

KNOWLEDGE, SKILLS, ABILITIES AND COMPETENCIES -
Assessment tools, technologies and methods.

Designing secure network, systems and application architectures.

Disaster recovery, computer forensic tools, technologies and methods.

Researching and developing security policies, standards and procedures.

System administration role with experience in supporting one of more platforms/applications.