Security Engineer Clause Samples
Security Engineer. Experience serving as the security engineer of complex technology implementations in a product-centric environment. Comfortable with bridging the gap between legacy development or operations teams and working toward a shared culture and vision. Works tirelessly to ensure help developers create the most secure systems in the world while enhancing the privacy of all system users. Experience with white-hat hacking and fundamental computer science concepts strongly desired. Primarily responsible for: ● Performing security audits, risk analysis, application-level vulnerability testing, and security code reviews ● Develop and implement technical solutions to help mitigate security vulnerabilities ● Conduct research to identify new attack vectors Experience setting up teams for successful delivery by removing obstacles (or blockers to progress), constantly helping the team to become more self-organizing, and enabling the work the team does rather than impose how it’s done. Manages one or more agile projects, typically to deliver a specific product or transformation via a multi-disciplinary, high-skilled digital team. Adept at delivering complex digital projects, breaking down barriers to the team, and both planning at a higher level and getting into the detail to make things happen when needed. Defines project needs and feeds these into the portfolio/program process to enable resources to be appropriately allocated. Primarily responsible for: ● Deliver projects and products using the appropriate agile project management methodology, learning & iterating frequently ● Work with the Product Manager to define the roadmap for any given product and translate this into user stories ● Lead the collaborative, dynamic planning process -- prioritizing the work that needs to be done against the capacity and capability of the team ● Matrix-managing a multi-disciplinary team ● Ensure all products are built to an appropriate level of quality for the stage (alpha/beta/production) ● Actively and openly share knowledge of best practices Category 11 - Agile Coach Experience transforming initiatives to deliver lasting change within agencies that focus on delivering value for citizens. Coaches may be required to work either: ● at the team level, working with teams to ensure that delivery teams within agencies are adopting agile and performing effectively ● at the portfolio or program level, to help agencies to establish the right processes for managing a portfolio of work in an agile...
Security Engineer. Tier 3 5 Reviews device configuration, configuration changes, installs updates to device software (filters, profiles and patches) to ensure completeness and accuracy. Defines repeatable methods for resolving issues-creates new 'known issue' resolutions. Monitors device health and performance using pre-set or standard dashboards and reports. Creates new dashboards, queries and reports for use by support team and customers. Troubleshoots new or unknown issues escalated from Tier1 or Tier2 Engineers, directs Tier1 and or Tier2 to resolve issue. Addressed issues requiring escalation to Vendor (e.g., RMA activities) escalate to Tier3. Supervises Tier 1 and Tier2 Engineers. Five (5) or more years of IT security experience with managing devices of similar type. Resource Unit Resource Type Minimum Yrs/ Exp Role Qualifications Security Incident Management Incident Engineer 5 Reviews documentation (response preparedness plan, network documentation, current incident data and summaries - as available), interviews customer personnel, captures incident event and activity data, identifies potential issues, breach, or system compromise, makes recommendations for mitigation and remediation, participates on working sessions, conference and status calls, documents and presents final incident reports. Five (5) or more years of security and/or incident response experience. Possesses a practitioner's understanding of the incident response process. Digital Forensic Investigation Digital Analyst 5 Configures digital forensic tools to capture forensic data from target platforms. Performs analysis of captured data to identify evidence of indicators of compromise (IoCs), identify data (source IP, Destination IP, Ports, Protocols) related to suspicious traffic, documents and presents forensic investigation reports. Five (5) or more years of security and/or audit compliance experience. Possesses a practitioner's understanding of digital forensics requirements and process. Response Preparedness Incident Engineer 5 Performs documentation reviews, interviews customer personnel, captures preparedness support data, identifies response gaps, makes recommendations for addressing gaps, documents and presents finding and recommendation reports. Five (5) or more years of security and/or incident response experience. Possesses a practitioner's understanding of the incident response process. Resource Type Minimum Yrs/ Exp Role Qualifications Security Risk Assessment Rate Card Senior Engineer 5 Pe...
Security Engineer. Services Contractor shall provide services in accordance with the following requirements and capabilities: Experience serving as the security engineer of complex technology implementations in a product-centric environment. Comfortable with bridging the gap between legacy development or operations teams and working toward a shared culture and vision. Works tirelessly to ensure help developers create the most secure systems in the world while enhancing the privacy of all system users. Experience with white-hat hacking and fundamental computer science concepts strongly desired. Primarily responsible for: Performing security audits, risk analysis, application-level vulnerability testing, and security code reviews Develop and implement technical solutions to help mitigate security vulnerabilities Conduct research to identify new attack vectors. $ $ U. Technical Architect Services Contractor shall provide services in accordance with the following requirements and capabilities: Experience serving as the manager of complex technology implementations, with an eye toward constant reengineering and refactoring to ensure the simplest and most elegant system possible to accomplish the desired need. Understands how to maximally leverage the open source community to deploy systems on infrastructure $ $ as a service providers. Comfortable with liberally sharing knowledge across a multi-disciplinary team and working within agile methodologies. A full partner in the determination of vision, objectives, and success criteria. Primarily responsible for Architecting the overall system, by using prototyping and proof of concepts, which may include: modern programming languages (e.g., Ruby, Python, Node.js) and web frameworks (e.g., Django, Rails) modern front-end web programming techniques (e.g., ▇▇▇▇▇, ▇▇▇▇, RESTful APIs) and frameworks (e.g., Twitter Bootstrap, jQuery) relational databases (e.g., PostgreSQL), and “NoSQL” databases (e.g., ▇▇▇▇▇▇▇▇▇, MongoDB) automated configuration management (e.g., Chef, Puppet, Ansible, Salt), continuous integration/deployment, and continuous monitoring solutions Use of version control systems, specifically Git and GitHub Ensuring strategic alignment of technical design and architecture to meet business growth and direction, and stay on top of emerging technologies Decomposing business and system architecture to support clean-interface multi-team development Developing product roadmaps, backlogs, and measurable success criteria, and writing u...
Security Engineer. The Security Engineer participates in all phases of development as needed to identify, diagnose, and mitigate security risks as early and effectively as possible. S6: ATTACHMENT/TECHNICAL EXHIBIT LISTING