logo

View all jobs

Security Engineer

Durham, NC
Title: Security Engineer 
Duration: 12+ Months - Renewable contract
Location: Durham, NC 
Atrilogy's Direct client is looking for a passionate Security Engineer  in Durham, NC. Raise the security bar for FI Web Tech by monitoring ongoing processes and performing other activities related to secure code reviews including analysis of results and derivation of statistics.  Work with the team to implement controls and/or solutions to specific business problems to ensure risks and exposures are properly mitigated, provide basic technical assistance on risk-related systems issues, and assist the business unit liaison for information risk management program.
Position Details
  • Lead testing efforts on FI Portal applications
    • Keep current with the subsystems on new/changing features of applications
    • Working with the subsystem SMEs, learn the navigation paths through the applications
    • As needed, perform application walk throughs for PEN testing.
  • Application testing
    • Replicate the actual techniques and tools used by malicious attackers in an effort to model potential external threats.
    • Analyze test results, draw conclusions from results, and develop targeted exploit examples
    • Upon completion of the assessment, manage statistics and prepare reports
    • Communicate findings to the subsystems
    • Consult with subsystem teams to ensure potential weaknesses are addressed
    • Monitor progress for finding remediation
  • Manage proactive Static Code reviews
    • Replicate the actual techniques and tools used by malicious attackers in an effort to model potential external threats.
    • Analyze test results, draw conclusions from results, and develop targeting exploit examples
    • Perform analysis and make recommendations for resolving issues
    • Support ad hoc data analysis requests
  • Manage ECS (static and pen code reviews) submissions
    • Prepare and submit ECS code reviews
    • Analyze incoming findings for validity
    • Deep-dive code analysis for additional details – root cause analysis of issues
    • Assign findings to subsystems
    • Partner with subsystems to implement plans for remediation
  • Work with the team to define requirements and influence security strategy
    • Analyzing and assessing potential security risks, developing plans to deal with such incidents by putting measures in place such as monitoring and auditing systems for abnormal activity, and executing corrective actions.
    • Perform analysis and make recommendations (e.g. in partnership with other Fidelity organizations, evaluate vendor security products from an incident response life cycle perspective; review impact of information systems to determine if they add value in assessment of risk; review and comment on security architecture
    • Manage solutions to accommodate new event sources, automate event analysis, and correlate events for investigations
  • Miscellaneous
  • Collaborate with the static code scanning and Security Analyst to provide holistic view of the state of application security
  • Contribute to the research or development of tools to assist in the vulnerability discovery process
  • Collaborate with other teams within Enterprise Cybersecurity to improve the overall security of Fidelity's applications and infrastructure
  • Stay current on security best practices and vulnerabilities Communicate status (e.g. report on progress against technical plan; timely escalation of issues and risks; ability to explain technical solutions to a non-technical audience)
  • Maintain data for statistical analysis
For immediate consideration please submit your resume in Word format, along with daytime contact information.  LOCAL CANDIDATES ONLY PLEASE unless you are willing to relocate yourself at your own expense.   All submittals will be treated confidentially.  Selected candidate may be asked to pass a comprehensive background, credit and/or drug screening.  Principals only, no third parties please. Atrilogy Solutions Group is willing to sponsor qualified H-1B Visa candidate.  No C2C is allowed on this role.  W2 candidates only. 


Established in 2000, Atrilogy Solutions Group, Inc. provides organizations of all sizes with high-quality, cost effective information technology (IT) and business process consulting & staffing services.  Our industry-leading service model combines experienced project managers with seasoned technical and functional consultants to eliminate client uncertainty and deliver superior value and results.
 
Clients turn to Atrilogy for expertise in:
• IT staffing and placement (Project Managers, Agile/Scrum Masters, Business Analysts, DBA’s, Software Engineers, Mobile Developers (iOS, Android), DevOps, Automation, QA, Systems & Network Engineers, Cyber Security / Information Security Specialists)
• All major ERP & CRM packages (including Oracle, Workday, PeopleSoft, JD Edwards, Lawson, SAP, Dynamics AX, Salesforce, Microsoft CRM, NetSuite)
• Business Intelligence, Data Warehousing, and Big Data Integration
• Creative (Interactive Project Manager/Art Director, Information Architect, UI/UX Designer, Web/Graphic Design)
 
Atrilogy has been recognized by Inc. magazine as one of the nation’s fastest-growing, privately-held companies. Headquartered in Irvine, California, Atrilogy also has offices in Denver, Phoenix, Atlanta, and Dallas with satellite offices in Boston, Jersey City, Las Vegas, Seattle, and Delhi, India.
 
Atrilogy Solutions Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.
 
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
Powered by