[Owasp-austin] Security Engineer Opening @ NIC in Austin, TX

Stevens, Scott sstevens at egov.com
Mon Oct 10 21:14:12 UTC 2016

Specifics on Opening:

Working at NIC, Inc. - http://www.egov.com/careers

Security Engineer
Location:             TEXAS NICUSA LLC (Austin)
Job Code:            639
# of Openings:   1

The Texas NIC Security Team is currently searching for a  Security Engineer.  NIC is the leading provider of outsourced eGovernment services. We build and manage official government Web sites and eGovernment services for 30 states and hundreds of local governments in the United States.  NIC designs, manages, and markets eGovernment services on behalf of state and local governments.  We partner with government leaders and establish local offices to provide customized solutions for each government we serve. Our electronic government solutions use technology to increase efficiency and reduce costs for governments and their constituents.
Day-to-Day Activities:
*             Analyze and design security solutions for applications and infrastructure
*             Assist in deploying, configuring, and maintaining Security Operations tools, applications and services
*             Assess current and new IT environments and make recommendations to increase security
*             Identify and document information security risks and propose mitigating controls
*             Perform analysis on events raised by Security Operations applications and tools
*             Conduct security assessments and web application security scans and penetration tests
*             Prepare system security reports by collecting, analyzing, and summarizing data and trends
*             Provide departmental support in incident response activities
*             Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; participating in professional organizations
*             Other activities based on business priorities and candidate capabilities

Position-specific Required Skills:
*             Five years of job related experience in the information security field with at least 3 having a security assessment, vulnerability management and application security focus
*             A firm understanding of the OWASP Top 10 and the various mitigation strategies for these vulnerabilities within a corporate enterprise environment.
*             Basic Forensic and Investigation Skills
*             Familiarity with security compliance standards such as PCI-DSS, ISO 27002 or NIST 800-53
*             Identify and follow priorities and take full responsibility for assigned tasks
*             Ability to collaborate and work well within a team
*             Excel at problem solving
*             Customer service orientation - an attitude of "yes, here's how", instead of "no"
*             Work to deadlines in fast paced environments
*             Thrive in flexible day-to-day work
*             Ability to solve problems given incomplete information
*             Excellent communication skills, including good verbal and written abilities
*             Strong organizational and prioritization skills
*             Self-motivated and strong sense of accountability
*             Good working knowledge of Unix/Linux, Windows and Virtualized operating systems
*             Firm understanding of the following:
o             Firewalls and Network topology
o             Intrusion Detection/Prevention
o             Vulnerability testing
o             Operating System hardening
o             Antivirus and APT tools
o             Web Application functionality
o             Encryption Protocols and Methods
o             Data Loss Prevention
o             Strong Authentication
o             File Integrity Monitoring
o             System and Device Configuration Management
o             Information Security best practices and common processes
*             Experience using Splunk, Splunk Enterprise Security (ES), and other Security Information and Event Management (SIEM) tools
*             Experience with various DDoS response and mitigation strategies
*             Proficiency in scripting languages (BASH, Python, Perl)
*             Understanding of internal control concepts and policies

Position-specific Desired Skills:
*             Experience with Agile-focused development teams and Atlassian tools
*             Professional security certification strongly preferred, such as CEH, CISSP, GIAC, Security+ or other applicable industry certifications, but will consider all individuals with experience and desire to succeed in Information Security
*             Prior experience with regulatory audits such as SOX and PCI are strongly preferred
*             A strong ability to interpret and explain risk
*             Experience working with government entities, especially state and local governments
*             Familiarity with various DDoS response and mitigation strategies
*             Some experience with commercial application security testing tools (BurpSuite, AppSpider, NetSparker, etc), static code analisys tools (Checkmarx, Parasoft, Veracode, etc) as well as various open source tools (e.g. SamuraiWTF, Kali Linux, etc)
*             Related college degree preferred

Selling Points:
*             Opportunity to work with innovative and forward thinking Security Team
*             Position reports directly to Texas NICUSA CISO
*             Highly visible and executive supported security program
*             Hands-on exposure to a variety of cutting edge tools and technologies
*             Excellent work life balance and culture
*             Competitive compensation program
*             No-cost group medical/dental insurance
*             Stock purchase plan
*             Matching 401(k) contributions with 100% vesting
*             Disability insurance
*             Life insurance
*             Company wellness program

NIC is an equal opportunity employer.  All qualified applicants will receive consideration without regard to race, religion, color, national origin, sex, age, disability, status as a protected veteran, or any other characteristic protected by applicable federal, state or local law.

Scott Stevens
Sr. Security Operations Engineer, CISSP
100 Congress, Suite 600 | Austin, TX 78701
T. 512.651.9891 | C. 512.897.9082 | F. 512.651.9334

Visit the award-winning official website of Texas:

[cid:image006.png at 01D22311.54D950B0]<http://www.texas.gov/>
This email and any attachments are confidential. If you are not the intended recipient, you do not have permission to disclose, copy, distribute, or open any attachments. If you have received this email in error, please notify us immediately by returning it to the sender and delete this copy from your system.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20161010/dc7042f8/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 7435 bytes
Desc: image005.png
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20161010/dc7042f8/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 8130 bytes
Desc: image006.png
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20161010/dc7042f8/attachment-0003.png>

More information about the Owasp-austin mailing list