Information technology security Engineer

Job Description Information technology security Engineer

Location: NYC, New York

Contract period: Long term.

The LBBW Information Technology Security Engineer provides Information Security support services as a member of the LBBW Americas service delivery team. The engineer will spend most of his/her time implementing and managing security control systems and reconfiguring other information technology changes to our environments to adhere to cybersecurity best practices and regulatory needs. The security engineer will be responsible, direct, oversee and control the activities of the MSP to the extent that the MSP executes IT Security Operations tasks. The IT Security Engineer reports disciplinarily to the IT Manager and functionaly into OE 168x.

Key Responsibilities

Be the centre of competence for IT Information Security Operation processes within the Americas Region.

Develop, maintain and control the IT Security environment of LBBW s Americas Region to be in compliance with the respective Information Security guidelines.

Develop strong relationships with the Head Office functional line. In a joint approach with the HO unit define and continuously optimize processes and maintain an effective and efficient framework of processes, policies and procedures in collaboration with the Head Office

Implementing the Information Security guidelines and regulatory requirements. Ensure completeness and correctness.

Manage and control the vulnerability management and security incidents of the LBBW s America Region in collaboration with the HO.

Develop and maintain the documentation towards target audience, e.g. IT Staff, Auditors, Regulators, Management.

Develop a strong collaborative relationship and do the steering of exchange of experiences with both the local IT and Informations Security Teams and the functionally responsible HO IT units.

Lead and/or participate on a team designing, developing, and testing security of LAN and WAN networks, firewalls, and Azure Networking

Support Cybersecurity operations with expertise in cloud, network, and system cybersecurity control systems, developing, implementing, and maintaining mitigation and response plans.

Develop, implement, and maintain documentation including Installation and Configuration Guides, systems hardening, security controls, and monitoring

Provide cybersecurity control systems engineering expertise to ensure that technical and operational requirements are achievable and being satisfied

Provide support in validating and verifying requirements, requirements analysis and decomposition, requirements test/verification/validation, and reporting

Qualifications & Skills

Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.Thorough understanding that IT Security Operations are imperative in defending our data as most valuable asset against constantly changing threats.

High motivation and a strong drive to stay up-to-date on cybersecurity developments and continuously improve defensive measures.

Excellent analytical, problem-solving, and troubleshooting skills.Ability to work idependently and collaborate with others to understand and influence opinions, plans, behaviors

An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service, as well as an understanding of organizational mission, values, and goals.

Self-directed knowledge gathering from a combination of public and internal sources able to answer questions that haven t been asked before

Strong knowledge of security principles, best practices, and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls.Monitor and advise on information security issues related to systems and workflow to ensure internal security controls are appropriate and operating as intended

Analyze and remediate network security vulnerabilities and Participate in incident response activities, including investigation, containment, and recovery efforts, as needed

Strong understanding of networking concepts and protocols, such as TCP/IP, VLANs, VPNs, and routing/switching.Experience with encryption and authentication technologies required

Monitoring of network uptime, availability, bandwidth utilization, configuration change monitoring and backups

Strong understanding of cloud infratstucures

Manage network device lifecycle including keeping apprised of patches, latest technologies, End of Support / End of Life dates, and firmware updates.

Collaborate with vendors, MSPs, and internal stakeholders to provide and gather input on various initiatives

Must be fluent in ability to manage and support Fortigate / Fortinet Firewalls

Position Requirements

Bachelor's or advanced degree in Computer Science, Engineering, or equivalent in related field experience

5 years plus hands-on technology experience with focus on Information Security (with an emphasis on firewalls and networking)

Experience in firewall policy development, vulnerability assessment, and compliance testing

Hands-on experience with security technologies, such as firewalls, IDS/IPS, SIEM, antivirus, authentication (MFA) web filtering and vulnerability scanning tools.

Industry certifications: Checkpoint, Cisco, Fortinet, CISSP, GIAC, CISA, SANS GCFA, GCED, GMON, are a plus.