The Senior Security Engineer provides leadership and hands-on expertise for a diverse set of security projects including but not limited to threat intelligence, security monitoring, security automation, intrusion prevention, purple teaming and endpoint security.
The Senior Security Engineer will identify, evaluate and implement new technologies to improve the organization’s capability to prevent, detect, contain and respond to threats, rapidly prototyping cutting-edge solutions and integrating new data with data from existing systems using available tools and/or custom development.
- Lead and support information security projects by researching, documenting, and assisting with the implementation of security solutions.
- Leverage Blackstone’s threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actors’ capabilities.
- Perform Red/Purple Team exercises to identify and correct gaps in Blackstone’s security monitoring program.
- Leverage Blackstone’s Continuous Testing framework to identify, design and deploy tests for Blackstone’s security monitoring controls.
- Integrate threat intelligence feeds and sources with Blackstone’s security monitoring infrastructure.
- Support, maintain and enhance Blackstone’s Orchestration and Automation platform.
- Design, develop and deploy automation playbooks for automated incident response investigations.
- Identify, procure and prototype new solutions designed to prevent, detect, and respond to threats.
- Identify and implement tools to baseline activity and alert on or limit suspicious activity and insider threats across networks, databases, data and users.
- 3-5 years in a hands-on technical role in information security
- Hands-on experience deploying & operating security technologies including devices, networks and systems that prevent, detect & respond to security threats
- Strong understanding of security operations concepts such as perimeter defense, BYOD management, data loss protection, insider threat, kill-chain analysis, risk assessment and security metrics
- Working knowledge of a wide range of current network security technologies such as firewalls, proxies, network and host-based intrusion prevention, DLP, vulnerability assessment tools, security information/event management, endpoint security, anti-virus/anti-malware, etc.
- Strong understanding of network protocols
- Development/scripting experience: Python and/or PowerShell
- Working knowledge of Information Security best practices
- Desire to learn new technologies, share best practices, and contribute to the broader shared knowledge of a global infrastructure and security team
- Ability to self-organize, prioritize activities independently, create documentation and reporting
- Ability to interface with business and technology stakeholders
- Ability to manage stakeholder expectations in the delivery of projects
- Enables creative solutions by stimulating ideas through discussion and collaboration
- Manages uncertainty well – able to assess and act with good enough but imperfect or incomplete information
- Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level
- B.S. in Computer Science or Engineering or similar technical program
- At least one active security certification: CEH, OSCP, CPTE, CISM, CISSP or related