Senior Security Engineer

About Client:The Client is a renowned multinational technology company which has grown to become one of the world's most influential and successful companies in the field of software development, computer hardware, and related services.The Client s primary focus revolves around developing, manufacturing, and licensing a wide range of software products, including the globally recognized operating system, Windows. It has released several versions of Windows, catering to both personal computers and servers, which have become integral to the functioning of millions of devices worldwide.Apart from Windows, client offers an extensive portfolio of software applications and tools for both individuals and enterprises.Moreover, client has a substantial presence in the field of artificial intelligence (AI) and research, working on projects like the development of conversational AI agents, natural language processing, and machine learning technologies.Rate Range: $100-$115/HrJob Description:This person is responsible for the preservation of the confidentiality, integrity, and availability of customer data.The Security Engineer reports to the customer Director of Information Security and delegates and is responsible for all tasks as assigned.The position is interdisciplinary, with a wide range of desired technical and non-technical expectations including, but not limited to:Operation and administration of enterprise-level web application firewalls, application delivery controllers, vulnerability scanners, web content filtering systems, intrusion prevention systems, and security information and event management systems.Implementation and oversight of social media security processes.Organization and analysis of patch management processes and procedures.Participation and analysis of cyber threat intelligence efforts.Monitoring systems and response to alerts, events, and/or incidents.Preparation of briefings/reports as needed to keep senior management informed of security projects.Adaptability, flexibility, and the ability to do quality work under tight deadlines.Prepare security standards, policies, and procedures.Conduct system security and vulnerability analyses and risk assessments.The ideal candidate will have a strong knowledge of and experience with the following products and concepts:Design, implement, maintain, and operate security technologies including reverse proxies, forward proxies/web filtering, web application firewalls, IPS/IDS, SIEM, password management, DLP, vulnerability scanners, and other applications and appliances.Administration and hardening of Windows 8.1 and 10 desktop and mobile clients and Windows Server 2012 and later servers.Identity and access management and administration of Active Directory Domain Services.Encryption and data protection using Public Key Infrastructure and x.509 certificates and administration of Active Directory Certificate Services.Virtualized systems administration using Hyper-V, VMWare, and Azure IaaS.Routing, DMZ, VPN, IPSec, DNS, firewalls, intrusion detection systems, DoS attacks, 802.11, GSM, EV-DO, radio frequencies and technologies, Wireless Security, and RADIUS.Application Security including SDL, cross-site scripting, cross site request forgery, SQL and command injection attacks, threat modeling, fuzzing, malware, and Trojans.Enterprise hardening techniques including Pass the Hash/Golden Ticket Mitigation, LAPS, Lateral Traversal Mitigation, and Tier-0 Account Protection.Solid experience with public key infrastructure (PKI)Experience with certificate lifecycle managementSolid experience with Microsoft Certificate ServicesExperience with commercial Certificate Authority providersStrong proficiency in cryptographyGood understanding of secure coding techniques and IT security principals in generalExperience in building and setting up Sonatype Nexus-IQ server and Nexus NXRM.Experience in scanning the packages using Nexus-IQ server for security and vulnerability checkProvide technical recommendations on how to improve their Software Supply Chain and DevSecOps practices using Sonatype solutions.Add Nexus Firewall to stop OSS risk from entering your SDLC using next-generation behavioral analysis and automated policy enforcement.Must have experience with CI/CDFamiliarity with tooling used in the SDLC, including VCSs (e.g., git, svn, etc.), modern build tools (e.g., Jenkins), package managers (e.g., Maven, Gradle, Nuget, NPM, etc.), artifact repositories (e.g., Nexus), continuous delivery technologies (e.g., Puppet, Chef, Udeploy, XL Deploy, etc.), container technologies (e.g., Docker, Kubernetes, Openshift, etc.)Non-benefitted (other than those mandated under state or federal law).Please note that this position does not include paid time off benefits. ApTask offers subsidized insurance coverage to our employees.About ApTask:ApTask is a leading global provider of workforce solutions and talent acquisition services, dedicated to shaping the future of work. As an African American-owned and Veteran-certified company, ApTask offers a comprehensive suite of services, including staffing and recruitment solutions, managed services, IT consulting, and project management. With a focus on excellence, collaboration, and innovation, ApTask provides unparalleled opportunities for professional growth and development. As a member of the ApTask team, you will have the chance to connect businesses with top-tier professionals, optimize workforce performance, and drive success across diverse industries. Join us at ApTask and be part of our mission to empower organizations to thrive while fostering a diverse and inclusive work environment.Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.Candidate Data Collection Disclaimer:At ApTask, we prioritize safeguarding your privacy. As part of our recruitment process, certain Personally Identifiable Information (PII) may be requested by our clients for verification and application purposes. Rest assured, we strictly adhere to confidentiality standards and comply with all relevant data protection laws. Please note that we only collect the necessary information as specified by each client and do not request sensitive details during the initial stages of recruitment.If you have any concerns or queries about your personal information, please feel free to contact our compliance team atApplicant Consent:By submitting your application, you agree to ApTask's (www.aptask.com) and , and provide your consent to receive SMS and voice call communications regarding employment opportunities that match your resume and qualifications. You understand that your personal information will be used solely for recruitment purposes and that you can withdraw your consent at any time by contacting us at 732-355-8000 or help@aptask.com. Message frequency may vary. Msg & data rates may apply.About ApTask:ApTask is a leading global provider of workforce solutions and talent acquisition services, dedicated to shaping the future of work. As an African American-owned and Veteran-owned company, ApTask offers a comprehensive suite of services, including staffing and recruitment solutions, managed services, IT consulting, and project management. With a focus on excellence, collaboration, and innovation, ApTask provides unparalleled opportunities for professional growth and development. As a member of the ApTask team, you will have the chance to connect businesses with top-tier professionals, optimize workforce performance, and drive success across diverse industries. Join us at ApTask and be part of our mission to empower organizations to thrive while fostering a diverse and inclusive work environment.Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.Candidate Data Collection Disclaimer:At ApTask, we prioritize safeguarding your privacy. As part of our recruitment process, certain Personally Identifiable Information (PII) may be requested by our clients for verification and application purposes. Rest assured, we strictly adhere to confidentiality standards and comply with all relevant data protection laws. Please note that we only collect the necessary information as specified by each client and do not request sensitive details during the initial stages of recruitment.If you have any concerns or queries about your personal information, please feel free to contact our compliance team at .Applicant Consent:By submitting your application, you agree to ApTask's (www.aptask.com) and , and provide your consent to receive SMS and voice call communications regarding employment opportunities that match your resume and qualifications. You understand that your personal information will be used solely for recruitment purposes and that you can withdraw your consent at any time by contacting us at 732-355-8000 or help@aptask.com. Message frequency may vary. Msg & data rates may apply.