Sr. Information Security Systems Engineer Qualifacts – San Isidro , Lima

Qualifacts is the largest provider of Software-as-a-Service and web-based Electronic Health Records for the behavioral health and human services market. 
Get to know us: www.qualifacts.com

The individual in this position will work to secure Qualifacts applications and infrastructure from external and internal threats; implement third-party tools to assist in detection, prevention and analysis of security threats. S/he will be responsible for installation, administration and monitoring of security products to enable vulnerability detection, intrusion detection, firewalls, identity and access management, security event monitoring, incident management, end-point protection and more.  This position is responsible for maintaining threat detection programs and is a direct liaison with our third party Security Operations Center (SOC). This candidate must have a strong understanding of operating systems, networking, web applications, and databases in addition to security specific technologies. Candidates should have familiarity with host and network security hardening, networking protocols, common intrusion techniques, and risk management concepts.

Essential Job Responsibilities:

• Maintains existing security tools, including, but not limited to Firewalls, Security Information and Event Management (SIEM), vulnerability scanning tools, e-mail gateways/spam filters, File Integrity Monitors (FIM), Identity and Access Management, and anti-virus/malware. Evaluate new products and strategies, and make recommendations for improvements where possible.

• Monitors system logs and alerts and provide first level internal response in determining the severity of alerts and escalating them to management (in conjunction with third party Security Operations Center (SOC)

• Works as part of an Incident Response Team to respond to, assess, and remediate security incidents as needed.

• Instrumental in involvement in complex IT security projects in designing or maintaining a vulnerability management program, by working closely with other operational teams.

• Maintains network configuration and administration including VLANs, ACLs, switches, routers, ISPs and firewalls (i.e. Cisco, Fortigate, etc.)

Qualifications

Education:

Bachelor's Degree in Computer Science, MIS or Information Systems or Information Security related designations.

Experience:

• 5+ years of security related experience with implementing and managing various security monitoring and threat detection.

• 3+ years of experience administering and applying security controls in production, test and development environments in a complex, heterogeneous, cross-platform environment

• 3+ years of combined IT and application, operating system, or database security work

• 2+ years experience in monitoring and securing of cloud environments such as AWS

Knowledge / Skills:

• Strong knowledge and management of the following is required: Internal/External vulnerability scanning, Open Source Security (OSS) management, penetration testing,  IT auditing, firewalls (e.g.) Fortigate, IDS/IPS, DNS, anti-virus, VLAN, VPN, SIEM, etc.

• Knowledge and management of Password Management Platforms, Encryption Platforms, Secure Monitoring/Reporting and SSO/Multi-Factor platforms

• Proficient securely managing Microsoft Windows, Windows Server, Redhat, CentOS, Ubuntu

• Knowledge of virtualization technologies such as VMware, KVM, or similar Hypervisors.

• Strong knowledge in the following web technologies: OpenStack, Openshift and other  Cloud computing platforms/microservices

• Experience in securing cloud environments (e.g. AWS)

• Experience with implementing and maintaining Identity & Access Management (IAM) solutions

• Experience Security Incident Response Handling and Incident Forensic Analysis

Preferred (not required):

• Certifications: Security+, Network+, Linux+, Certified Information Systems Security Professional (CISSP), Redhat Certified Systems Administrator (RHCSA)/RedHat Certified Engineer (RHCE), Linux+, Certified Ethical Hacker (CEH), Licensed Penetration Tester (LPT)

• 2+ years experience with web technologies such as OpenStack, Openshift, or other Cloud computing platforms and microservices

Benefits:

Health Insurances 100% covered by the company (EPS and Oncological)

In-house English classes (according to the company policy)

Casual dress code