Security Hardening Specialist

Mindcore Technologies is seeking an experienced Security Hardening Specialist to enhance the security of our Windows 2016 Report Server running ASP.NET and Visual Basic, which interfaces with our ConnectWise SQL database. This role requires expertise in server security, authentication methods, and encryption techniques to safeguard sensitive information and ensure compliance with best security practices.

How to Apply:
Interested candidates should send their resume, relevant experience, and project portfolio to:
Upgrade to see actual info

Include in the subject line: "Security Hardening Specialist – Mindcore"

Key Responsibilities:

Encrypt Configuration Files
-Utilize the aspnet_regiis tool to encrypt sensitive sections in configuration files (e.g., and ) to eliminate plaintext password storage.

Enhance Authentication Security
-Implement Multi-Factor Authentication (MFA) for report access.
-Review and recommend secure authentication methods (e.g., OAuth, centralized identity provider integration) to enhance access security.

IIS Hardening & Compliance
-Ensure IIS security best practices are followed, including secure protocols, headers, and access restrictions.
-Review Active Directory authentication implementation and suggest improvements.

General Server Hardening
-Validate that the server meets the latest security patching standards and that no unnecessary services are running.
-Ensure HTTPS is properly enforced and that encryption is robust.

Required Qualifications:
-Experience with Windows Server 2016 Security, including Active Directory authentication and server hardening techniques.
-Proficiency in securing ASP.NET applications, encrypting sensitive data, and implementing authentication mechanisms.
-Familiarity with ConnectWise SQL databases and best practices for securing database connections.
-Experience using aspnet_regiis for encryption and integrating MFA solutions such as Duo or Azure AD MFA.
-Strong understanding of web application security and OWASP best practices.

Preferred Skills
-Experience with OAuth, SAML, or OpenID authentication.
-Familiarity with PowerShell scripting for automation.
-Knowledge of penetration testing and vulnerability assessments.
-Security certifications such as CISSP, CEH, or Microsoft Certified: Azure Security Engineer.

This is an opportunity for a security expert to make a direct impact by enhancing the security posture of an essential business reporting system. If you have the expertise and a passion for securing systems, we want to hear from you.