Security Engineer III (Fully Remote)
Posted on: January 16, 2022
At Aqua, a subsidiary of Essential Utilities, Inc., we know that
water is a precious resource - one that plays a critical role in
sustaining life. That's why we take seriously our mission:
protecting and providing Earth's most essential resource. At Aqua,
we are guided by a set of principles that embody the character of
our company and inspire our work together. They are embedded within
our business practices and our behavior. We are proud to be united
by integrity, respect and the pursuit of excellence to be the best
we can be for the customers and communities we serve.
Together, the women and men of Aqua, a subsidiary of Essential
Utilities, Inc. serve 1 million customers across eight states. Aqua
uses science, technology, capital investments, and amazing talent
to provide communities with clean, safe drinking water and
responsibly return wastewater to our rivers and streams. Join our
team and make a difference!
Are you looking for a fantastic career at Aqua? We have an exciting
opportunity for a Security Engineer who will function in an
advanced role supporting security operations, architecture and
engineering, incident response and threat management with a
responsibility to help protect critical Enterprises IT and OT
assets. The position frequently leads security operations
activities, serves as a senior engineer responsible for
architecting and implementing security in Information Technology
and Operational Technology (SCADA/ICS) environments. The Security
Engineer III will regularly engage with both technical teams and
business stakeholders to ensure that appropriate security is
implemented and that risk is managed for our technology
- Function as a senior member of the Security Operations and
Engineering team with skill in intrusion detection and prevention
(IDS/IPS), network security, threat analysis and hunting, SOC alert
triage and incident response, and malware analysis.
- Ability to participate in project teams for both Information
Technology and Operations Technology designing and implementing
security controls and capabilities.
- Manage, support and utilize the Security Operations technology
portfolio including: Network Security, & IDS/IPS, EDR, SIEM,
Forensics Sandboxes, Automation tools, Host based security tools,
Email & Cloud security tools.
- Participate in SOC Incident Handler shifts, threat intelligence
analysis and threat hunting activities.
- Monitor current and proposed changes to the technology
environment and assess impact to security.
- Participate in all phases of the SDLC and project life cycles
as needed for corporate initiatives - design, build and operate
ensuring security policy and procedures, and control/compliance
frameworks and security best practices are implemented and
- Create/maintain documentation of security solutions, services,
configurations and processes. Communicate the performance and
health of the security program at regular intervals by
participating in the development of standard update reports,
scorecards, and trend summaries.
- Bachelor's Degree focused on Information Technology or relevant
- Must have 5 years of relevant information technology
experience, with at least 3 years' experience in a security
engineering or incident response role.
- Candidates must also have one or more of the following
certifications: PCNSE, GIAC (GCIH, GCCC, GPEN, GICSP, GRID, GCFA,
GNFA). Candidates who do not hold any of these certifications will
be considered, but on hire, a skills, training and certification
roadmap will be mandatory.
Knowledge, Skills And Abilities
- At least 3 years direct experience in a role focused in at
least one of the following categories: Security Engineering,
Network Security Architecture, Security Operations and Incident
- Experience working in an environment that utilizes common
security frameworks such as NIST CSF, Critical Security Controls,
- Understanding of frameworks and approaches for managing and
modelling threats such as MITRE ATT&CK, Cyber Kill Chain,
Diamond Model, etc.
- Desire to learn and develop skills for cybersecurity in an for
- Proficiency in scripting in at least one of the following
- Subject matter expertise or experience in several of the
following functional areas and technologies:
- Operational Technology/OT
- Network segmentation models such as Purdue.
- Familiarity with industrial protocols (i.e. modbus, EtherNet
IP, OPC, etc---).
- Security Information and Event Management (SIEM)
- Familiarity in participating in security operations utilizing
common SIEM platforms such as Splunk, ArcSight or qRadar.
- Incident Response & Forensics
- Operationalize threat intelligence and perform threat hunting
- Ability to perform and analyze packet captures with Wireshark
and TCP Dump.
- Network forensic skills looking at flow data, firewall logs,
full packet capture data, IDS/IPS, and SIEM correlation.
- Host and memory forensic analysis skills with experience using
tools like Magnet/Axiom, Volatility, Kape, Redline, Kansa, common
- Network Security
- NGFW management (preferably Palo Alto Networks Firewalls) with
experience in access policy management, threat profiles,
- Network and host-based intrusion detection and prevention
systems such as Palo Alto, Sourcefire, BRO, Security Onion,
- Aptitude to understand and integrate security into project and
application lifecycles for enterprise IT systems, as well as apply
these concepts appropriately in the OT environment.
- Strong written and verbal communication skills with proven
ability to articulate security issues to both technical and
- Ability to work off hours when necessary and participate in
rotating Security Operations on call cycle.
- Strong organizational skills and the ability to multi-task and
- Familiarity with the following security knowledge domains:
- Enterprise network topologies
- Windows, Linux and Unix administration
- Mobility and cloud platforms
- Sensitive data types such as PII, IP, PHI
COVID-19 Vaccination Requirements
Essential Utilities and its subsidiaries , including Aqua, Delta,
and Peoples Natural Gas, requires new hires to be fully vaccinated
against COVID-19, where allowable under the law. To satisfy this
requirement, new hires who received the one shot regimen of the
Johnson & Johnson vaccine must receive the one dose shot prior to
their first day of employment. Proof of vaccination must be
provided on your first day of employment. For the two shot regimen
of either Pfizer or Moderna, a new hire must have received at least
one dose of the vaccine before their first day of employment. Proof
of the second dose date must be received within the recommended
timeline based on the manufacturer's vaccine received. For example,
for Moderna as soon as the 28 day period has elapsed and for Pfizer
as soon as the 21 day period has elapsed. Failure to provide proof
of your COVID-19 vaccination status will result in the termination
of your employment with Essential Utilities including its
subsidiaries Aqua, Delta and Peoples Natural Gas.
If you are unable to be fully vaccinated due to a medical or
religious exemption, you will be required to apply for an exemption
on your first day of employment with Essential Utilities. As part
of the process, you will be required to provide information and/or
documentation to Human Resources about the reason(s) you cannot be
vaccinated. If your request for an exemption is not approved, then
your employment may be terminated.
Aqua, a subsidiary of Essential Utilities, Inc. is an Equal
Opportunity / Affirmative Action employer. Equal employment
opportunity is provided to all employees and applicants for
employment without regard to the following legally protected
characteristics: race, color, religion, sex, national origin, age,
pregnancy (including childbirth and related medical conditions,
including medical conditions related to lactation), physical or
mental disability, covered-veteran status, genetic information
(including testing and characteristics), sexual orientation, gender
identity or expression or any other characteristic protected by
applicable local, state or federal law.
Aqua, a subsidiary of Essential Utilities, Inc. is committed to
providing reasonable accommodation to individuals with
disabilities. If you have a condition that may prevent you from
applying for a job online or need to request an accommodation
during the interview process, please call (1-877-271-9012).
Keywords: Aqua, Philadelphia , Security Engineer III (Fully Remote), Engineering , Philadelphia, Pennsylvania
Didn't find what you're looking for? Search again!