Let’s Get to Work.
At Huron, we believe there’s a better way to achieve the type of change that delivers long-term success for our clients. It takes genuine collaboration, deep expertise, and steady focus. It takes true partnership, from day one.
Sustainable, enduring change doesn’t just happen. It requires a dedicated partner to produce measurable, long-lasting results – results that improve performance today, help chart the course for tomorrow and prepare our clients for the challenges of the future.
It’s this passionate commitment to our clients’ success that drives us. We are Huron. Let’s get to work.
Sr. Security Engineer
Job ID: 2317
Opportunity Type: Experienced
Country: United States
Job Type: Full-time Salary
The Senior Security Engineer reviews overall security for off the shelf software as well as SaaS applications to ensure Huron data is protected. This review will be done using dynamic and/or static analysis techniques. The Senior Security Engineer contributes to the development, execution, and administration of security controls, defenses and countermeasures to intercept and precept internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. The focus will be on product security with respect to web infrastructure (servers, databases, networks, and monitoring) and our security processes and procedures (application and vulnerability scanning, intrusion prevention, and credential management.) This role assists other security analysts and is an escalation point for service desk tickets focused on security. In addition, the Senior Security Engineer will provide mentoring and training to other team members.
KEY RESPONSIBILITIES INCLUDE:
• Performs security assessments, reviews enterprise initiatives for security compliance, and creates reports on issues and findings. Leverages 3rd party tools such as Veracode and HP fortify to ensure custom developed applications are coded correctly.
• Evaluates and recommends security products for the enterprise. Works with Lead Security Engineers on implementation of approved products.
• Review domain structures, user authentication, and public key infrastructure to ensure it is meeting industry best practices.
• Analyze common security issues and resolve. For more complex issues may escalate resolution to Lead Security Engineer.
• Evaluate and develops system security across the enterprise, with a concentration on account management, password auditing, network and web based application vulnerability scanning
SUCCESSFUL CANDIDATES WILL POSSESS THE FOLLOWING:
• Ability to analyze complex security issues with minimal supervision with latitude for independent judgment and decision making. Works under defined guidelines receiving little instruction on day to day work and general instructions on new assignments.
• Strong communication skills including the ability to communicate effectively with people at all levels in the organization
• Ability to problem solve with minimal supervision.
• Provides resolution to a diverse range of issues. Demonstrates judgment in selection methods and techniques for obtaining resolution.
• Contributes to team objectives and outcomes as guided while their focus is on their own work product with contribution to larger more complex projects.
BASIC CANDIDATE REQUIREMENTS:
• Strong understanding of core networking
• Knowledge of multiple operating systems including, at a minimum, Windows and Linux
• Domain structures, user authentication, and public key infrastructure
• Security assessment tools such as Nessus, BURP, and NMAP.
• Firewall and intrusion prevention technologies
• Understand database languages
• Familiarity with multiple programming languages such as PHP, Perl, Java, Python, Ruby, HTML5, and PowerShell
• 3-5 years in an enterprise environment with a focus on security technologies
• Information Security certification in one or more of the following foundational areas; Security+, Network+, or CCNA Security
• Information Security certifications in one or more of the following areas: GIAC, CEH, GWEB, GWAPT, or CISA preferred
• Bachelor degree or equivalent work experience
• Experience with Active Directory in an enterprise environment. More specifically understanding of GPO/GPP as it relates to security of user endpoints and servers.
• Proven track record with creating security assessment and corresponding reports.
• Previous experience as an ethical hacker or penetration tester.
• Contributions to open source projects/tools, ideally security related
• Current permanent U.S. work authorization required
• Job is located in Chicago, Illinois
• Travel for this position is expected to be 0-10%
At Huron, we’re redefining what a consulting organization can be. We go beyond advice to deliver results that last. We inherit our client’s challenges as if they were our own. We help them transform for the future. We advocate. We make a difference. And we intelligently, passionately, relentlessly do great work…together.
Are you the kind of person who stands ready to jump in, roll up your sleeves and transform ideas into action? Then come discover Huron.
Whether you have years of experience or come right out of college, we invite you to explore our many opportunities. Find out how you can use your talents and develop your skills to make an impact immediately. Learn about how our culture and values provide you with the kind of environment that invites new ideas and innovation. Come see how we collaborate with each other in a culture of learning, coaching, diversity and inclusion. And hear about our unwavering commitment to make a difference in partnership with our clients, shareholders, communities and colleagues.