Beschreibung
Since 1992 SD & T offers consultancy advice and service in the area of telecommunication and information technology. We work in the field of staffing services and innovative workforce solutions as well as in the field of consultancy. Our customers represent the TOP 50 of the German economy, e.g. in the sectors of telecommunication, logistics, banking and insurcance. In these areas of expertise we support our customers with specialized staff and highly qualified consultants.
For our customer we are currently looking for a
System Engineer (f/m) Ref. Nr.: 13540 - PT
Contract:: Freelance or employee
Duration: Juli 2017 till november 2017
Location: Zip code 8 - Taufkirchen
Tasks:
- ITIL process implementation and improvement
- Installs, configures, maintains and upgrades cyber security components
- Monitor managed components and manage incidents and problems (ITIL definitions)
- Tune performances
- Perform day-to-day system management such as user access management patch management
- Harden system and network components
- Develop, maintain and roll-out reference configurations (ITIL release and deployment management)
- Implement and follow security policies
- Elaborate and maintain system inventory/CMDB, system documentation, operating procedures
- Ensure appropriate testing before applying changes (change evaluation)
- Manage changes through a structured change management process (ITIL Change management)
- Report on service performances and availability, produce dashboards
- Design, develop, install, configure, test, monitor, maintain, troubleshoot and upgrade cyber security infrastructure
- Provide expertise, guidance, recommendations and documented security configurations for implementation of security tools and processes
- Produce detailed engineering specifications
- Evaluate and recommend secure configurations
- Identify security requirements, based upon need or translate high-level security requirements into detailed technical requirements
- Support various technical and non-technical stakeholders to specify and negotiate security requirements
- Interact with network and system engineering teams to effectively communicate and develop security solutions
- Drafts documentation and standard operational procedures to support security systems operations
- Ensures the technical design and contributes to implementation of new components and/or enhancements in coordination with other team members in particular project managers, securityarchitects and engineers
- Ensure DRP through appropriate back-ups methods to ensure RTO are met
- Ensure service continuity for the managed components to defined SLAs
- Ensure capacity planning
- Support security monitoring use-case engineering
- Security events collection technical design. Integration of log sources into a SIEM solution
- Elaboration and translation of the security monitoring policy into monitoring rules
- Investigate, diagnose and solve system related problems
- Schedule installation work, liaising with all concerned to ensure that installation priorities are met and disruption to the organization is minimized
- Diagnose and solve problems and faults occurring in the operation of cyber security components
- Comply with organization procedures to ensure integrity of the system
- Recommend resolutions and improvements
- Provide integrated solutions
- Provide consolidate findings on components or processes
- Document cyber defence components configurations
- Ensure that systems meet agreed service levels
- Ensure that communication performance, recovery, and security needs meet agreed service agreement standards
- Contribute to define network design policies, philosophies and criteria
Craft, fine-tune and validate low level intrusion detection rules for network and host protection
- Development, test and roll-out new releases of Identity and Access Management solution
Requirements mandatory:
Specific Practice
- Network Security Engineering
- System Security Engineering
- Network Security Administration
- System Security Administration
- Security Testing (functional and non-functional)
- Cryptography
Certifications
- GSEC (GIAC Certified Security Essentials)
- GCWN (GIAC Certified Windows Security Administrator)
- GCED (GIAC Certified Enterprise Defender)
Methodologies
- SABSA (Sherwood Applied Business Security Architecture)
Standards
- ISO2700X Series
- ITIL
Specific Skills:
- ITIL implementation
- Ability to design, develop, install, configure, test, monitor, maintain, troubleshoot and
upgrade products
- Network Protocols (including IP, TCP, UDP, DNS, SMTP, Syslog-ng, HTTP, IP routing and
fail-over protocols, IEEE 802.1x)
- Cryptographic solutions (including common standards and ciphers, symmetric and
asymmetric encryption, PKI, HSM, smartcards)
- Security protocols (including SSL/TLS, IPsec, VPN)
- Ability to write comprehensive documentation.
- Hardening/Securing of Windows Servers and Desktops
- Hardening/Securing of Unix-like systems (such as System V, Linux, BSD)
Products / Tools:
- VMWare VSPHERE and ESXi technologies
- Windows Operating systems
- Linux Servers (Redhat, DEBIAN)
- NetAPP Storage NAS/SAN
- Firewalls
- System monitoring solutions (Nagios, Centron)
Requirements desired:
- GCUX (GIAC Certified UNIX Security Administrator)
- Authentication, authorisation and accounting (including RADIUS, TACACS+, Kerberos)
- Enterprise Active Directory and GPO development
- Auditing systems and networks for configuration weaknesses and vulnerabilities
- Administration and task automation using scripting and/or programming languages (e.g. Python, PowerShell, Perl, Java)
- Oracle Databases (including RAC)
- Cisco IOS
- Central password management/vault systems, PKI, HSM
- ANSIBLE Tower
Technical criterias:
- Environment complexity
- Languages WEB (JSF, JVM, XML, SAML,…)
- Oracle DBMS, MS SQL Server, MySQL
- SAP HCM
- Unix, Solaris, Windows OS
- PKI - CA - SW
- PKI - RFC 5280
- PKI - RFC – 6484
- HSM usage
- ID and Access Mgt.
- Networking and cloud computing
Please send us your application (incl. specifications on the availability and conditions) via email (max. 5 MB). Contact: Patrycja Tkotz ( or ).