8 to 12 years experience
Job Description and Responsibilities
- A strong foundational understanding of Linux operating systems such as RHEL, CentOS and Ubuntu are essential.
- Ability to identify vulnerabilities and security advisories relevant to the Linux distribution(s) in use. Understanding the severity and impact of each patch is crucial for prioritization.
- Expertise in scheduling and deploying patches across multiple Linux servers while minimizing service disruptions and downtime.
- Ability to assess the risks associated with applying or delaying patches, considering factors such as exploitability, criticality of systems and business impact.
- Understanding of rollback procedures in case a patch causes unexpected issues or conflicts.
- SSH configuration options to secure remote access, including key-based authentication, disabling root login, restricting user access, and using SSH tunnels for secure communication.
- Familiarity with kernel security features such as secure boot, kernel module signing and kernel hardening options.
- Hands on experience in YUM local repo setup as per requirements
- Understanding of Linux filesystem hierarchy, permissions and how to secure sensitive files and directories.
- Ability to create and manage user accounts and groups, including setting appropriate permissions and access controls for files and directories.
- Strong documentation skills to maintain records of applied patches, patching schedules, test results and any issues encountered during the patching process.
- Good to know about the Nessus agent relinking when it goes to offline.
- Proven work experience with RHEL Satellite server configuration and YUM centralized server configuration.
- Proven work experience as a System Security Engineer or Information Security Engineer
- Experience in building and maintaining security systems.
- Detailed technical knowledge of operating system (Windows/Linux), database and operating system security.
- Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Experience with network security and networking technologies and with system, security, and network monitoring tools.
- Thorough understanding of the latest security principles, techniques, and protocols
- Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols
- Configure end-to-end security across infrastructure to include Windows/Linux OS hardening setting using CIS benchmark configuration.
- Consistently provide suggestions and recommendations for OS hardening, security, modifications, and upgrade choices.
- Manage group policies, review existing policies, and propose changes to increase efficiency and performance.
- Deploy OS hardening settings using GPO to all Windows production and development machines.
- Identify & troubleshoot server configuration and/or performance irregularities.
The ideal candidate for this role should have a bachelor’s degree in computer science, information security, or any related field, and should have experience with network and endpoint security technologies. The candidate should possess strong communication and interpersonal skills and the ability to work effectively in a team.