IT Security Specialist

New York, New York

 Comrise
Job Expired - Click here to search for similar jobs

Overview

  • The IT Security Specialist - Engineering role is responsible for the delivery of security related activities and maintenance and enhancements of security solutions to improve the security posture of the company estate.
  • This individual will interact with the IT Security Architecture Team, IT Security Operations Team, Project Management Teams, global IT Teams, and outsourcing partners to deliver solutions that enhance the security program for company.

Responsibilities

Strategic

  • As part of the Company Security Engineering team, develop and implement company security strategy in consultation with the Company IT teams, ensuring that all initiatives are mirrored in respective strategies including the overall company Strategy.
  • Provide security advice and support for information technology projects.
  • Research new security related products and services to ensure that company is equipped with appropriate industry best of breed tools and solutions.

Operational

  • Operate and maintain company Security controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, Endpoint Protection, Network Protection, etc.
  • Review and help refine company Security procedures to ensure compliance with cyber resilience requirements.
  • Be responsible when assigned ownership of company Security related Regulatory and Internal Audit finding(s), and provide effective / timely resolution.
  • Design and integrate consistent security solutions across company on premise and cloud environments for domains like Vulnerability Management, Endpoint Security, Data Security, Network Security, Identity and Access management, etc.
  • Facilitate monitoring and enforcement of configurations, as well as manage and monitor security on systems deployed in the cloud in a similar fashion as is done on-premises at company.
  • Oversee design principles and controls relating to third party solution providers.

Leadership

  • Work as a team member and individual contributor being able to work independently and confidently without direct supervision.
  • Through example and Behaviour, strive to provide peer leadership to other team members with the goal of being excellent service providers and enablers to other constituencies (both internal and external).
  • Strong communication (verbal and written) skills to engage with technical and non-technical audiences.
  • Ability to clarify technical detail and confidently communicate business risks to senior management.
  • Execute company Security Engineering team s vision and mission in alignment with the overall company Security vision and mission, as well as with company s strategic direction as it pertains to cyber resilience.

Qualifications

Experience / Essential and Desired for Successful Job Performance

  • A minimum of 5 years of information security experience with at least 2 years in cloud security.
  • Expert knowledge of one or more of the following: firewalls, TCP/IP, network IDS/IPS, host-based IDS/IPS, endpoint and network-based DLP, web proxies, email protection, endpoint protection software, SIEM
  • Sound knowledge of enterprise security concepts/frameworks and products, secure design principles and patterns
  • Monitor, tune and develop technical company Security controls and frameworks to ensure appropriate preparation, monitoring and response to threats
  • Ability to collaborate effectively with others to drive forward key security objectives
  • Strong documentation and report writing skills (to both technical and business audiences)
  • Excellent time management and organizational skills combined with technical company Security acumen
  • Financial and/or Banking industry experience preferred

Qualifications / Certifications

  • in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent) or Security Certifications such as CISSP, SANS GIAC GSEC, GCED, GCIA, GCIH, GREM; or Cisco CCNA, CCNP; or equivalent.
  • Industry recognized cloud security qualifications (e.g. CCSK, CCSP, AWS Security Fundamentals, AWS Certified Security)
  • Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook
Date Posted: 22 May 2024
Job Expired - Click here to search for similar jobs