Focuses on hands-on engineering and architecting of cybersecurity solutions and ways to protect the firm from various threat actors.
Performs as the Subject Matter Expert across multiple technologies within the security arena (IAM, Cloud Security, Data Security, Network Security, Encryption, Privileged Access Management, Federation, etc.).
Establishes a strategic security architecture vision, including standards and frameworks for medium to large enterprises.
Develops and maintains log analysis solutions, including data collection and aggregations, data normalization, and reporting.
Creates use cases to ensure visibility across various log sources for potential incidents.
Contributes to workflow or process change and redesign, and forms a strong basic understanding of the specific product or process; may also be accountable for regular reporting or process administration as owner.
Coordinate and perform security audits and vulnerability assessments to assess internal security procedures and compliance requirements.
Work with relevant internal IT Application, Infrastructure, Network and Support teams to ensure that security controls are implemented at all significant layers, test those controls and perform gap analysis to find areas of improvement.
Strong understanding and hands on implementation experience with SANS/CIS Top 20, NIST CSF, 800-53, ISO27001 controls.
Strong Incident Response skillset using the MITRE ATT&CK and Cyber Kill Chain frameworks. Able to conduct threat modeling in order to determine the major threats facing the firm.
Strong Information Security Risk Assessment experience conducting cloud and third-party risk assessments.
Develop and maintain documentation for security systems procedures and processes. Develop security awareness training for new and existing employees.
Perform testing to evaluate new products for network and system security controls.
Maintain logging and monitoring standards, technical investigative techniques and reporting.
Supports offensive architecture analysis and the design of defense-in-depth solutions.
Participate in the development of the security roadmap and communicate the Technology Security vision to senior management and technical departments.
7 years of hands-on architecting, implementation and design experience required, designing globally scalable security solutions.
Solid technical hands-on cyber security experience with implementation and management of core security solutions.
Deep packet analysis experience required using Wireshark/tcpdump.
Cloud security experience required (AWS, Azure), Incident Response in the cloud.
Advanced experience in process documentation, flow charting and re-engineering.
Deep understanding of Unix, Linux and Windows Security principles and Microsoft Active Directory.
Python/Bash/PowerShell scripting required.
Strong expertise with the following technologies and solutions at a minimum:
Endpoint Detection & Response
Privileged Access Management & Implementation
Information Security Risk Assessments of Cloud and third-party vendors
Performing gap analysis within different environments, coupled with an in-depth understanding of regulatory guidelines as well as standards and best practices related to the CIS Top 20, ISO and NIST CSF frameworks.
One of the following certifications is required - CISSP, CISM, CCSP, OSCP, GIAC GCIH, GCTIA, GDSA or equivalent.
Understanding of OWASP Top 10 highly desired.
Good understanding of Zero Trust principles highly desired.
Implementation experience with the ELK stack (Elasticsearch, Logstash, Kibana) highly desired.
Ability to analyze vulnerabilities within the internal infrastructure and oversee timely remediation.
Ability to communicate information security concepts across a broad range of technical & non-technical staff.
Weekend and night work may be needed at times based on project, support, and business needs.