Cyber Security Specialist

Our client is an international law firm. They seek a Cyber Security Specialist to join their team. Candidates must live in the NYC metro or the DC metro area. This is a technical position where you will manage, provide technical support, implement, maintain, and troubleshoot all security products used by the Firm. You must have significant hands-on experience with security technologies and solutions. You will also perform daily investigations of security incidents, security assessments, and audits. Candidates with work experience in financial institutions, government, or highly regulated industries are preferred.

Responsibilities

• Administer enterprise security technologies, including firewalls, AV, web filtering, DLP, IPS/IDS, NAC, DDOS protection, third-party remote access, application listing, and endpoint detection and response solutions
• Operate and monitor Security Incident and Event Management (SIEM) platforms, investigating and resolving all security events
• Oversee privileged account management systems and access controls
• Conduct technical security audits, risk assessments, and firewall, network, and system configuration reviews
• Perform vulnerability scanning across networks, servers, systems, and applications
• Analyze malware, research emerging exploit techniques, and lead proactive threat-hunting activities
• Evaluate and test new security technologies to enhance the Firm’s security posture
• Produce weekly security reports and track key information security metrics
• Collaborate with consultants and third-party security vendors (MSSP, SOC, and others), maintaining strong vendor relationships
• Contribute to information security architecture reviews, incident response activities, and the development of processes ensuring client security requirements are met

Requirements

• 5-7+ years' experience in IT Security
• Prior experience with actual incident response, investigations, and forensics analysis
• Extensive knowledge of security best practices regarding computer systems, networks, telecommunication, and all associated hardware
• Strong, analytical approach to problem solving and solution development - able to think outside of the box and go beyond traditional security.
• Able to manage multiple projects and support functions in a fast-paced, dynamic environment.
• A professional with a customer satisfaction-oriented mindset, creative, and able to balance security with business objectives
• Strong analytical, communication, and interpersonal skills
• Excellent documentation skills and capable of creating comprehensive security documents such as standard operating procedures, guidelines, and architecture diagrams

Technology Requirements

• Cisco network devices
• In-depth experience with Palo Alto firewalls with all the features available in the product
• Experience with password safes (CyberArk or Beyond Trust)
• Micro segmentation technology – Illumio or others
• SIEM products such as Microsoft Sentinel or others
• IDS & IPS (Vectra AI, Snort, Suricata, AlienVault, or others)
• Endpoint security products – CB Application Control, Microsoft Defender, and Defender ATP.
• Vulnerability scans and penetration tests using Nessus, Tenable, Rapid7 Nexpose, Cobalt Strike, or others.
• Open-source security tools (Kali Linux, Metasploit, Nmap, PowerShell Empire, Kerberoast, TrustedSec SET, and others) and network traffic analysis
• Vulnerability management with Tenable IO, Rapid7 Nexpose, Qualys or others
• Experience with Windows operating systems, Active Directory, DNS, DHCP, and Microsoft SQL
• Experience with Linux operating systems (Ubuntu, CentOS RedHat)
• Experience with Windows Servers and Workstations Security
• Experience with scripts (Python, VB, Powershell and others)
• Experience with Privilege Account Management Solution (CyberArk, BeyondTrust, or others)
• Microsoft M365 E5 security products and Microsoft Azure

Please note this is a remote position. The working hours are: 6 am - 2 pm Eastern Time, Monday - Friday, and will be part of an on-call rotation schedule. This position will also require the following:

• The ability to travel when necessary
• Ability to report for work on regularly scheduled days and off hours when required
• Available to take emergency off-hour calls during security incidents

JobID: 47736