Our client is looking to hire a Senior Information Security Engineer at their offices in New York City 10019. This role is on a full-time, direct-hire basis and will pay an annual base salary of $175K to $200K plus a performance-based bonus and excellent benefits package. This role allows for a "Hybrid" work week and will only require the person to be onsite 2-days a week.
Job Title: Senior Information Security Engineer
Location: New York, NY 10019 (3 days WFH)
Salary: $170K - $190K (some flex), bonus and excellent benefits
Term: Direct Hire/Permanent
Referral Fee: $1,500.00
3rd Party: NO
Please send your resume in Microsoft Word format
Reporting to the Information Security Director, the Senior Information Security Engineer works within a diverse and exciting team of 6 additional skilled security professionals. Collectively, this team is responsible for the ongoing operation of our client's information security program.
The Senior Security Engineer is a wide-ranging, hands-on role encompassing the design, implementation, and maintenance of advanced security technologies, performing in-depth security reviews for new projects and technologies, and providing frontline response to security incidents. The ability to communicate effectively with all levels of the business regarding security issues, while ensuring that our client’s information assets are adequately protected, is essential.
Understanding security in a holistic and highly technical manner is essential for this role. We’re looking for healthily paranoid individuals who think strategically about, and fix, specific security risks in the environment. If you have experience in scripting, SIEM, XDR, threat intelligence, automation, network security, application security, forensics/IR, cloud security, and security architecture in general, you have the expertise we need, and we have an excellent environment in which to take your career forward.
- Act as the primary resource/lead for at least 2 of the Firm’s security platforms (Palo Alto SaaS/SASE/Strata, FireEye, Microsoft Defender for Endpoint/Identity/etc., Azure Sentinel, CyberArk, Splunk, Varonis, Vectra, Forescout, Illumio, and others), including design, implementation, and maintenance of those platforms. Continually evaluate new features for implementation in the environment.
- Develop functional knowledge of the comprehensive security architecture in order to support those technologies when needed, as well as integrate these technologies creatively and effectively.
- Develop scripts using Python, PowerShell, Splunk Processing Language (SPL), or other scripting languages to automate mundane or time-intensive tasks. Integrate these automation scripts into the security architecture in a transparent and supportable way to augment the team’s current abilities.
- Perform frontline security incident response as a member of a 5-person on-call rotation. Using the Firm’s established processes and procedures, provide timely investigation and resolution of all suspicious email reports, malware instances, and other security events. Develop automation scripts to assist in the team’s incident response effort.
- Using established processes, conduct detailed, written security reviews for vendors, projects, and technologies. The security review process includes conducting initial intake interviews with stakeholders, researching and performing due diligence, using third party risk management tools, conducting risk assessments, and presenting final recommendations for moving forward in a secure manner.
- Throughout the system development lifecycle (SDLC), assess and review the Firm’s current technology infrastructure to identify key risk areas, ensuring that adequate controls are in place to address those risks. Take a lead position to research specific security technologies and controls as requested by senior management.
- Lead efforts to improve cyber threat intelligence (CTI) gathering, analysis, and management.
- As assigned, conduct periodic scheduled processes and procedures, such as running vulnerability scans and performing periodic privileged access reviews.
- Maintain operational responsibility for the information security team’s ticketing queue, primarily evaluating and managing tickets requesting policy exceptions.
- Offer insights and collaborate within the team to provide input to strategic and tactical planning, initiatives, and projects.
- Four-year degree in computer science or a related field, or the equivalent work experience, preferred.
- A minimum of 3-5 years of experience in an information technology security role, or equivalent work experience in other areas of the broader Information Technology field. Information security certifications are considered a plus (CISSP, CISA, CEH, GSEC, OSCP, CRISC, Palo Alto, Cisco, Splunk, and others). Non-security certifications in Cisco, Microsoft, and cloud are also considered.
- Strong scripting abilities preferred.
- This role is highly technical, and expertise in at least some of the following is required: next-generation firewalls (Palo Alto) and endpoint tools (FireEye, Symantec), ethical hacking, email firewalls (Proofpoint), SIEMs (Splunk), threat analysis tools, vulnerability scanners, authentication, encryption, authorization, continuous auditing tools/techniques, network segmentation, access control, privileged account management, or other information security tools. A deep understanding of networking and operating systems concepts is considered very important.
- This role requires diligent adherence to specified processes and procedures with a professional and consistent end product.
- Experience managing and leading security projects, including defining requirements, developing project plans, and delivering results.
- Excellent oral and written communication skills.
- Strong organizational skills to handle multiple priorities.