The Senior Information Security Engineer is responsible for effectively planning, designing, implementing and monitoring security technologies and projects that support the firms' underlying security policies and procedures. Design, document and implement appropriate security policies and standards that protect the firms' information assets. Your primary responsibilities will be enhancing the security of the Company's corporate and production systems and networks. You will work closely with the IT operations, system administration, and application development teams to identify risks to the business and lead solutions to protect customer and financial information.
Experience & Education Requirements:
- Bachelor’s degree in Computer Science, MIS or Technology Forensics or related technical field; or equivalent work experience.
- Certifications required: CISSP, CISA, CISM, or CRISC; or equivalent security certification.
- Minimum 5 years’ experience in Information Security, with experience working for a Financial Services E-commerce internet company.
- Strong hands-on technical skills in both security risks and implementing solutions
- Strong investigative mindset with acute attention to detail.
- Broad exposure to multiple security disciplines and in-depth exposure in Incident Response or Detection Engineering.
- Strong background in incident response, forensics, intrusion detection or threat intelligence.
- Strong working knowledge of TCP/IP networking and common protocols.
- Knowledge of a broad range of security controls and risk management frameworks NIST & (ISO) 2700x standards.
- Experience with regulatory compliance issues such as FFIEC, OFCC, SEC: SOX, HIPAA, GLBA, and PCI.
- Experience with centralized log management tools
- Experience with managing endpoint and server protection technology such as anti-virus/spyware/malware, application whitelisting, and patching tools.
- Experience with vulnerability and network penetration testing.
- Strong communication skills and the ability to work collaboratively with IT and system administration and application development staff.
- Strong organizational skills to lead multiple highly visible projects
Technical Competency Preferred:
- Office 365
- Virtualization - VMware ESX and Microsoft’s Hyper-V
- Microsoft IIS and .NET framework
- Intermediate knowledge of Python, PowerShell, or similar
- Palo Alto PAN-OS
- Deep security experience (3+ years) in at least two major platforms (e.g., AWS, Azure, Windows, Linux, etc.)
A Human Approach to Staffing
Our Company is committed to the principles of equal employment. We are committed to complying with all federal, state, and local laws providing equal employment opportunities, and all other employment laws and regulations. It is our intent to maintain a work environment which is free of harassment, discrimination, or retaliation because of sex, gender, race, religion, color, national origin, physical or mental disability, genetic information, marital status, age, sexual orientation, gender identity, military service, veteran status, or any other status protected by federal, state, or local laws. The Company is dedicated to the fulfillment of this policy in regard to all aspects of employment, including but not limited to recruiting, hiring, placement, transfer, training, promotion, rates of pay, and other compensation, termination, and all other terms, conditions, and privileges of employment.