ESSENTIAL JOB FUNCTIONS:
- Build and administer core network and systems security controls, including: firewalls, intrusion detection and prevention, anti-malware, application whitelisting, host intrusion prevention, endpoint detection and response (EDR), privileged access management (PAM), privilege elevation, vulnerability scanners, content monitoring / filtering, security monitoring (SIEM), enterprise authentication and authorization.
- Plan and execute Information Security projects. Represent the security team on projects owned by other IT teams.
- Perform security and privacy reviews of IT services and changes (e.g., new technologies being added to the environment or that are undergoing significant changes). Monitor change management database activity to stay abreast of developments in the IT environment.
- Help define and document the firm’s Information Security Architecture and Roadmap.
- Based on the Firm’s IT Risk Assessment, plan for the lifecycle, implementation and integration of future security technologies with other security and non-security technologies. Recommend and drive technology and process improvements for Information Security Programs.
- Collaborate actively with senior technologists on other IT teams to design solutions that satisfy the priorities of each individual IT team involved, while also providing the best possible user experience and appropriate security assurance.
- Interface and cooperate with internal and external audit and exam teams as required.
- Establish architectures and baseline configurations for various security technologies, including: anti-malware, endpoint detection and response (EDR), security monitoring, systems security, network security, identity and access management, public-key infrastructure (PKI), deception technologies, DLP and web/e-mail content filtering.
- Design and maintain strategies for Information Security documentation, including runbooks, procedures, processes and hardware and software inventory detail.
- Implement and operate technical security solutions across a wide range of technologies, and serve as a third-tier support resource and SME for these technologies as required.
- Participate in technical and non-technical projects requiring information security oversight to ensure policies, procedures and standards are met.
- Serve as a member of the Computer Security Incident Response Team (CSIRT), supporting incident response (IR) and security operations center (SOC) efforts.
- Recommend new security solutions as well as effective improvements to existing security controls that do not negatively impact business innovation.
- Assist with threat and vulnerability management activities, including: triage of new vulnerabilities, root cause analysis, threat modeling and mitigation planning.
- Coordinate closely with Information Security Governance, Security Operations and other teams across the firm to align information protection strategies with the technologies and business functions they support.
- In coordination with Information Security Governance, publish and maintain appropriate Information Security policies and standards to guide the selection and implementation of technologies throughout the IT organization.
- Assist with Information Security program management, including defining and documenting corporate security policies and procedures, security metrics, and coordinating the security awareness program.
- Automate workflows for security processes and procedures. Identify and drive improvements to Information Security programs.
- Provide technical guidance, training and direction to less experienced staff. Take a proactive approach to mentoring other staff members.
- Participate in DR planning and testing activities.
- Participation in an on-call rotation may be required as assigned.
- Other duties as assigned.
QUALIFICATIONS / KSAs:
- Bachelor’s degree in Computer Science, Information Systems, Computer Engineering or related discipline, or equivalent experience and technical background.
- CISSP, GSEC, CISA, or similar certification desired.
- At least 6 years of relevant experience.
- Strong technical knowledge and understanding of security concepts, for example: network/perimeter security, security event monitoring, vulnerability assessment, intrusion detection and response, encryption technologies, enterprise authentication (e.g., SAML/SSO, Active Directory, etc.), EDR, PAM and content monitoring/filtering.
- Strong technical knowledge and understanding of key technology platforms.
- Working knowledge of network and security protocols including TCP/IP, SMTP, FTP, SSH, TLS, SSL, HTTP, IPSec and other VPN protocols.
- Strong written and verbal communications skills. Ability to speak and explain complex security issues to audiences without similar backgrounds.
- Ability to effectively communicate business risk as it relates to information security.
- Excellent time management and organizational skills to effectively meet multiple objectives.
- Results oriented, self-motivated and capable of performing several tasks simultaneously.
- Strong analytical, process and troubleshooting skills.
- The desire, commitment and ability to be a team player.
- Professional attitude and presentation.