Senior Security Engineer: SCOPE OF POSITION: The Senior Security Engineer will report to the Director of Information Security and will immediately focus on ensuring all facilities are PCI compliant according to PCI DSS requirements. This is a hand on technical position which will require implementation of Firewall devices/appliances including design and architecture and travel to multiple locations on an as needed basis (anticipated at 50-75% in the first 2.5 years). Going forward the position will be responsible for technical implementation of security controls, maintenance of internal security controls as defined by the information security policy and PCI compliance. RESPONSIBILITIES: Perform security assessments, compliance gap analysis, researching, documenting and implement solutions on a location-by-location basis to ensure PCI compliance. Analyze assigned facilities that perform credit card transactions and create network and data flow diagrams based on the analysis. Provide technical recommendations and cost effective solutions. Collaborating with field managers, equipment vendors and 3rd party service providers to implement and thoroughly test compliance solutions analysing and reviewing technical requirements to ensure all newly acquired facilities are PCI DSS and PA DSS compliant and that terminated locations are decommissioned appropriately.Reviewing security logs and responding appropriately to any data breaches or threats of a data breach. Acting as the first point of contact for IR (Incident Response) team related to data breaches.Performing periodic audits to sustain compliance with PCI and internal security policy and remediation of compliance gaps as identified in the vulnerability scans.Designing and documenting processes and procedures ensuring on going maintenance of PCI compliance while keeping garage network downtime at a minimum and transitioning day-to-day compliance tasks into a sustainable business process. QUALIFICATIONS:Minimum of 2-3 years of hands-on experience performing security assessment, security audits and remediation of security gaps in context of SOX or PCI. Knowledge of PCI-DSS and PA-DSS standardsHands on experience in designing, supporting and implementing large diverse networks preferably in a retail environment. Strong knowledge of Routing, Switching, TCP/IP, IPSEC and VPN gateways/Firewalls. 3 years of administration, implementation and troubleshooting skills encompassing diverse operating systems, networks, and security systems. Experience with Active Directory security design, architecture and GPO implementation. 3 years of experience and compressive knowledge and understanding of Firewalls and other Security products such as (ASA, Sonic wall, Checkpoint R65, UTM, PIX, IPS/IDS Sensors, and or CSA). 3 years experience performing Vulnerability scans using industry tools such as Nessus, E-eye (retina), ISS, Xscan. Creating security baselines for infrastructure equipment and auditing them for compliance. 2 years experience in documenting network designs for complex systems and using industry security tools like, Wireshark, Kismet, Tcpdump and Nmap. 2 years experience or strong skills in event log management/monitoring and reporting tools example (Cisco MARS). Experience in creating security baselines/hardening guidelines for Servers, Firewalls and network devices. Although not required but experience in a regulatory or audit position for at least a year using a risk-based approach would be advantageous as well as experience with security hardening and creating security baselines for network equipment and Servers. To Apply to this job go to http://www.GadBall.com or click here