***We are unable to sponsor as this is a permanent full time role***
A prestigious company is on the search for a Cyber Security Engineer III. This engineer will lead and mentor an engineering team. They will focus on security assessments, vulnerability management, and platform threats. They will work with security controls, IT infrastructure, networking, Azure Cloud, intrusion detection, firewalls, etc. This is a well-rounded Cyber security engineer with a wealth of broad knowledge.
- Lead and mentor the security engineering team.
- Provide input into the strategic decisions that affect the functional area of responsibility and participate in long-term strategy and planning for Information Security.
- Manage and mature the security assessment and vulnerability management programs. Create and maintain system, metrics, procedural and support documentation.
- Perform security assessments for IT projects, technologies and third-parties (e.g., vendors and service providers).
- Collect information and assess emerging threats including software vulnerabilities. Coordinate the triage of and response to vulnerability information. Disseminate this information regularly to firm staff and management as appropriate.
- Subject matter expert for Information Security, consulting to technical and non-technical management, and attorneys as necessary.
- Contribute to the development and maintenance of security policies, standards, processes and guidelines.
- Six (6) years of direct work experience in security assessments, vulnerability management, or similar.
- 4-year college degree in information technology or equivalent experience
- Experience with assessments in Windows and Unix is required
- Knowledge of IT security controls and IT infrastructure is required
- Experience with cloud technologies such as Microsoft Azure IaaS and SaaS is required
- Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG… is required
- Scripting/automation experience such as Python, PowerShell and API integrations is preferred
- Knowledge of security technology capabilities
- Knowledge of cloud capabilities, controls and implementation
- Knowledge of security administration and role based security controls
- Knowledge of authentication technologies and their interaction with different platforms, both on-site and remote
- Knowledge of Identity & Access Management technologies
- Knowledge of anti-malware technologies
- Knowledge of Intrusion Detection and Intrusion Prevention technical capabilities
- Knowledge of both client and server firewalling technologies and their configuration and administration
- Knowledge of security systems log correlation and analysis
- Knowledge of data encryption technologies
- Knowledge of Endpoint Detection and Response tools
- Knowledge of vulnerability assessment and forensic tools
- Knowledge of web filtering and email SPAM prevention techniques
- Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP) are preferred.