This site uses cookies. To find out more, see our Cookies Policy

IT Security Engineer Level III in Norfolk, VA at PRA Group

Date Posted: 6/13/2018

Job Snapshot

Job Description

We invite you to explore a future with us at PRA Group, a diverse and growing company that has a tangible impact on the global economy.

Position Summary: 



In this role, the person will design, and monitor internal and external access controls, security safeguards and associated processes to protect the confidentiality, integrity and availability of PRAA information systems assets. Participate in evaluating new technologies and applications, assessing vulnerabilities and risks, detecting and responding to incidents, and recommending appropriate safeguards. Assist in the evaluation, selection, implementation and administration of security software across platforms. Assist in implementing policy and control frameworks, and promoting security awareness and compliance throughout the corporation.

The individual in this position interacts closely with product vendors and service providers, personnel from various IT departments — including Service Desk, Data Center, and Server Admin teams — as well as with business departments. In-depth knowledge of PRA's operating systems and security applications, as well as expert knowledge of network protocols and tools, is required.Day-to-day functions include (but not limited to):

  • Develop and implement an information system security policy
  • Design, implement and maintain network security guidelines and a security infrastructure for the corporation.
  • Develop and ensure successful implementation of security policies, standards and plans to ensure the protection of corporate data against unauthorized use, access, modification and destruction.
  • Develop and implement penetration testing and procedures.
  • Develop, implement and maintain an alerting, archival and event log management system.
  • Monitor compliance with information security policies and procedures. Monitor network, devices and servers for security violations
  • Conduct data security forensic analysis and risk assessment for the entire infrastructure
  • Develop and maintain a disaster recovery plan
  • Assist departmental technical staff in identifying and implementing appropriate security safeguards
  • Review logs and alerts for anomalies and potential security breaches
  • Develop and maintain an adequate Security Awareness Program
  • Coordinate and monitor security access for all applications
  • Prepare monthly reports on security incidents and security status
  • Perform related and special duties as assigned
  • Develop and implement application and database security.
  • Develop and implement source code security analysis
  • Serve as a security expert in applications development and database design efforts
  • Research, design, and advocate new technologies, architectures, and security products that will support security requirements
  • Contribute to maintenance and development of application and database security strategy and architecture
  • Analyze business impact and exposure based on emerging security threats, vulnerabilities, and risks.
  • Ensure adequate security solutions are in place to mitigate identified risks sufficiently to meet business objectives and regulatory requirements
  • Responsible for ensuring compliance with applicable laws, regulations and company policies across areas of organizational responsibility

Professional Experience/Qualifications we are in search for:

  • Bachelor’s Degree in related field or equivalent work experience.
  • Five to seven years’ experience in security design, configuration, troubleshooting techniques, and the use of diagnostic software and tools are required or equivalent combination of education and experience
  • Desirable certifications include:  CCNA-Security, SANS/GIAC, PCNSE, CISSP

Technical Competencies for ideal candidates:

  • Knowledge and experience with cloud based security IaaS or implementing security in DevSecOps a plus. 
  • Proven in-depth knowledge of network protocols and packet analysis tools such as tcpdump and Wireshark.
  • Proven ability to develop custom threat signatures in response to zero-day and emerging security threats.
  • Detailed knowledge with security-related systems and applications, firewalls, packet analysis tools, intrusion detection/prevention, and web content filtering.
  • Detailed knowledge of network infrastructure, including routers, switches, firewalls.
  • Detailed digital Forensics skills and experience.
  • Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity access management.
  • Detailed knowledge on IDS / IPS solutions and integrating into existing network configurations.

If you are an Professional who possesses/able to:

  • Detailed knowledge in web architecture and security.
  • Proven in-depth knowledge of network protocols and packet analysis tools such as tcpdump and Wireshark.
  • Proven ability to develop custom threat signatures in response to zero-day and emerging security threats.
  • Detailed knowledge with security-related systems and applications, firewalls, packet analysis tools, intrusion detection/prevention, and web content filtering.
  • Detailed knowledge of network infrastructure, including routers, switches, firewalls.
  • Detailed digital Forensics skills and experience.
  • Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity access management.
  • Detailed knowledge on IDS / IPS solutions and integrating into existing network configurations.

Occupational Personality:

  • Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
  • Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.
  • Ability to work well under minimal supervision.
  • Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel.
  • Strong written and verbal communication skills.
  • Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.

Work Environment:

The noise level in the work environment is usually moderate as the employee works in an office environment, in an individual work station, using telephone and computer.  Employee is required to work evenings and weekends as required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Disclaimer:

The above information on this description has been designed to indicate the general nature and level of work performed by employees within this classification.  It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.

All qualified applicants will receive consideration for employment regardless of age, race, color, sex, gender, religion, national origin, physical or mental disability, citizenship, or any other classes recognized by state or local law or any other characteristic protected under applicable federal, state or local law. We are a drug free workplace.