We are seeking an Information Security engineer to support our Global Security Services group, with a primary focus on implementing and operating proactive defenses.
The candidate must have a strong hands-on technical background and must demonstrate operational, engineering and security expertise at all layers of the OSI stack. The candidate must be highly collaborative and is expected to partner effectively with other teams. The candidate must be able to efficiently diagnose and anticipate issues based on deep knowledge of the operating environment, standard technology stacks and operating systems, and acquired expertise in the subject security solutions.
Specific responsibilities:
• Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions.
• Apply strong logic and principles-based reasoning to define solutions and justify proposals.
• Work closely with other IT Engineers and staff to ensure that security solutions are implemented and operating as required.
• Serve as lead Splunk / SOC engineer managing the SIEM(s) and related data flows.
• Devise and implement means to provide transparency about health of security platforms and services.
• Lead or support projects as required to implement new security solutions or upgrade incumbents.
• Maintain deep expertise in the growing body of IT security vulnerabilities, threats, exploits and mitigations.
• Serve as lead engineer supporting security infrastructures.
• Act as a key member of the CSIRT.
Experience/Skills Required (5-10 years):
• Familiarity with NIST and ISO 27000 security practice frameworks.
• Extensive hands-on experience with Splunk and other security infrastructures (e.g. firewalls, IDS/IPS, proxies, microsegmentation).
• Extensive hands-on experience operating one or more common IT infrastructures (telecom, database, Windows and *NIX systems, virtualization platforms).
• Proficiency with scripting / programming languages (e.g. Python, PowerShell).
• Familiarity with relevant international and U.S. regulations such as NYDFS, SOX, GDPR, DORA.
• The following are not essential, but are highly valued:
• Professional experience in application or infrastructure penetration testing.
• Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Puppet, Ansible, etc.).
• Demonstrable experience creating, securing and managing cloud infrastructures (e.g. Azure, AWS).
• Familiarity with a relevant enterprise architecture methodology (e.g. Zachman Framework, TOGAF).
Education:
• Bachelor's or master's degree in computer science, information systems or other related field, or equivalent work experience.
• Professional security management certification, such as an (ISC)² Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), GIAC Security Expert (GSE), or GIAC Certified Enterprise Defender (GCED).