Senior Security Engineer
Mode of Interview: Video
Duration: 12 months
Assignment Name
Senior Security Engineer (2 positions: Leads ONLY)
Work Location:
80 Maiden Lane (7-hour day), Brooklyn NY must be local
Tasks
Lead the implementation of cybersecurity initiatives for My City Portal development project
Perform organization-wide cybersecurity risk analysis and maintain updates on the identified risks
Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization
Create and follow a process to track progress against cybersecurity plans
Create network architecture diagrams, collect communication flow information, and build high level and low-level design documents
Work on complex network problems, interact with vendor support teams, and drive the issue to resolution
Translate compliance requirements into specific security controls and present compensating security controls
Report to upper management on current cybersecurity posture and progress on mitigating identified risks
Identify cybersecurity gaps and maintain a risk register
Create metrics to measure cybersecurity controls efficacy
Work with partners to create and maintain incident response plans
Monitor and respond to alerts
Review and optimize existing cybersecurity controls
Ensure the organization compliance with cybersecurity best practices, policies and standards
Enforce endpoint security standards
Analyze vulnerabilities and work with Application Development, IT and Systems teams to ensure timely remediation and validation
Perform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design and /or application development
Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments
Mandatory Skills
Bachelor's degree in computer science, Information Systems or equivalent work experience
At least 15+ years of experience in information security
At least 10+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
At least 10+ years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML, Kerberos, MFA technologies, and Identity management
At least 8+ years of experience working in cloud environment (Azure, AWS, GCP)
At least 8+ years of experience working in securing Internet-facing applications, utilizing WAF technologies (eg: Akamai CDN and WAF, Cloud Flare, Azure CDN and WAF, AWS CloudFront and WAF)
At least 8+ years of experience working tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.
At least 8+ years of experience architecting, deploying, and managing endpoint security and EDR technology
At least 8+ years of experience using scripting languages (Python, Bash, PowerShell, etc.)
At least 8+ years of experience with Windows, Linux, or MacOS administration
At least 8+ years of experience working with vulnerability management and scanning tools
Desirable Skills/Experience
Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments
Experience in implementing and operating Data Loss Prevention Systems
Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy
Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls
Strong understanding of cloud-based services such as O365, Azure, AD, IAM
Strong understanding of CIS controls
Experience with Syslog-NG, Splunk, Humio or similar SIEM/log aggregation systems
Experience with SSO products and services such as PingFederate or Okta
Experience with Netskope, Zscaler or similar cloud proxies
Familiarly with CASB/SASE products
Experience with Cloud-based EDR tools
Knowledge of endpoint security management, configuration policies, and procedures
Experience with asset management and on-prem/cloud-based vulnerability management tools
Highly flexible/willing to learn new technologies
Highly organized with excellent analytical, problem solving and decision-making skills
Excellent communication and collaboration skills
Mode of Interview: Video
Duration: 12 months
Assignment Name
Senior Security Engineer (2 positions: Leads ONLY)
Work Location:
80 Maiden Lane (7-hour day), Brooklyn NY must be local
Tasks
Lead the implementation of cybersecurity initiatives for My City Portal development project
Perform organization-wide cybersecurity risk analysis and maintain updates on the identified risks
Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization
Create and follow a process to track progress against cybersecurity plans
Create network architecture diagrams, collect communication flow information, and build high level and low-level design documents
Work on complex network problems, interact with vendor support teams, and drive the issue to resolution
Translate compliance requirements into specific security controls and present compensating security controls
Report to upper management on current cybersecurity posture and progress on mitigating identified risks
Identify cybersecurity gaps and maintain a risk register
Create metrics to measure cybersecurity controls efficacy
Work with partners to create and maintain incident response plans
Monitor and respond to alerts
Review and optimize existing cybersecurity controls
Ensure the organization compliance with cybersecurity best practices, policies and standards
Enforce endpoint security standards
Analyze vulnerabilities and work with Application Development, IT and Systems teams to ensure timely remediation and validation
Perform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design and /or application development
Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments
Mandatory Skills
Bachelor's degree in computer science, Information Systems or equivalent work experience
At least 15+ years of experience in information security
At least 10+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
At least 10+ years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML, Kerberos, MFA technologies, and Identity management
At least 8+ years of experience working in cloud environment (Azure, AWS, GCP)
At least 8+ years of experience working in securing Internet-facing applications, utilizing WAF technologies (eg: Akamai CDN and WAF, Cloud Flare, Azure CDN and WAF, AWS CloudFront and WAF)
At least 8+ years of experience working tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.
At least 8+ years of experience architecting, deploying, and managing endpoint security and EDR technology
At least 8+ years of experience using scripting languages (Python, Bash, PowerShell, etc.)
At least 8+ years of experience with Windows, Linux, or MacOS administration
At least 8+ years of experience working with vulnerability management and scanning tools
Desirable Skills/Experience
Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments
Experience in implementing and operating Data Loss Prevention Systems
Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy
Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls
Strong understanding of cloud-based services such as O365, Azure, AD, IAM
Strong understanding of CIS controls
Experience with Syslog-NG, Splunk, Humio or similar SIEM/log aggregation systems
Experience with SSO products and services such as PingFederate or Okta
Experience with Netskope, Zscaler or similar cloud proxies
Familiarly with CASB/SASE products
Experience with Cloud-based EDR tools
Knowledge of endpoint security management, configuration policies, and procedures
Experience with asset management and on-prem/cloud-based vulnerability management tools
Highly flexible/willing to learn new technologies
Highly organized with excellent analytical, problem solving and decision-making skills
Excellent communication and collaboration skills
-
Seniority level
Mid-Senior level -
Employment type
Full-time -
Job function
Other -
Industries
IT Services and IT Consulting
Referrals increase your chances of interviewing at TekIntegral by 2x
See who you knowGet notified about new Lead Security Engineer jobs in Brooklyn, NY.
Sign in to create job alertSimilar Searches
Looking for a job?
Visit the Career Advice Hub to see tips on interviewing and resume writing.
View Career Advice Hub