$100K - $150K(Ladders Estimates)
This role will serve as a key leader for the Information Security Team and related programs for the firm. The Information Security Engineer serves as a key member of the Information Security Team. The role of Information Security Engineer includes ensuring the proper implementation of the security programs and priorities. This position is network security focused, so experience with firewall management in traditional data center environments and in cloud environments, deep understanding of network protocols and network security practices is essential. The integration, testing and monitoring of network traffic, applicable software and application products related to managing security are all part of the scope this individual will tackle. A key aspect of the duties will be working with management, analysts, developers and business partners, internal and external stakeholders to develop and maintain a roadmap to facilitate the firm's business objectives while ensuring the protection of information flowing across the firm's networks.
Defining and recommending approaches to improve the firm's security posture – particularly where network security is involved, providing technical mentorship to a team of security professionals, and consulting with the firm and clients to evolve information governance in the firm. Current responsibilities include management of network security devices such as firewalls, identifying and developing workflow automation processes that improve response times to security events, working closely with internal and external customers to improve the firm's information protection programs, and developing the team's technical expertise. This person is technically adept, with deep skills in network security. A deep understanding of network protocols, security methodologies and architecture is necessary, with experience in responding to forensics investigations a plus. Knowledge and application of frameworks such as ISO27001 and MITRE ATT&CK is helpful. Presenting information to a variety of audiences, from senior partners to technical staff is also helpful but not required. The Information Security Engineer's strategic role includes helping to assess the firm's business direction and how the current security program aligns with that direction, developing the Security Team's roadmap to meet the firm's business needs, and identifying projects to support that roadmap.
Facilitates the provisioning of access to applications, infrastructure, databases, operating systems, network devices as per established procedures. Understand, develop, and improve the firm's firewall architecture, the Unified Threat platform, and network security event response are all key responsibilities of this position. The position also performs tier-III service and incident support. This position will work with application teams to define requirements for internal application access, external federation requirements, and assist cloud infrastructure connectivity. Identify areas and implement solutions for process automation. Logging, categorization and prioritizing of network events. Access request review and verification. Access request closure after verification. Maintain network security key performance metrics as needed and manage reporting. Work with partners to federate identity when practical. Develops policy or practice guide for communications and is responsible for training as needed. Stay current with internal and external developments in technology including best practices for network security and architecture. Perform other duties, as assigned. Be present at work during regularly scheduled working hours and as needed in the position, consistent with the Firm's attendance expectations.
Ability to communicate effectively both orally and in writing with both junior and senior level personnel. Excellent listening skills. Seven (7) years of IT-related work experience in network security. Have a broad understanding of the impact of changes to the user community. Ability to establish and facilitate effective working relationships with both senior and junior personnel. Understanding of advanced defense-in-depth concepts and when to apply each, e.g. tokenization, HIDS/NIDS, and cloud services security. Expertise in designing secure networks, systems and application architectures in on-premise and cloud environments. Experience with implementation of security concepts in cloud-based environments including containerized deployments in Azure and AWS platforms. Intermediate forensics and incident response knowledge. Understanding and experience with firewall management in Azure and AWS environments. Experience with ElasitcSearch, SIEM, and other security monitoring and alerting tools. Basic knowledge of risk management concepts. Understanding of ISO-2700X and MITRE ATT&CK frameworks. Regulatory fundamentals – HIPAA, GLBA, SOX, PCI-DSS – when they apply and data sets impacted. Identify relevant concerns, factors, patterns, tendencies and relationships to formulate logical and objective conclusions and recognize alternatives or develop logical plans to address user needs. Ability to take analytical findings and convert them into actionable changes. Ability to understand business drivers in order to map process solution design. Create and maintain documentation for network security management tools and processes. Evaluate and recommend methods and tools for streamlining and improving processes. Must be extremely detail oriented and well organized. Self-directed and deals well with ambiguity. The ability to work independently and prioritize short-term deliverables is a requirement. Maintain a professional demeanor under stressful conditions. Navigate departmental and firm organizational structures in order to understand issues and facilitate resolution. Work well under pressure and adapt to a changing environment. Experience with Active Directory and Microsoft operating systems required. Experience with daily security operations. Understanding and hands-on experience with process automation and improvement. Working knowledge of Public Key Infrastructure and Microsoft Certificate Authority.
Valid Through: 2019-11-13