Our client, a leading banking institution, is looking for a Security Engineer to join their growing team.
25th November, 2019
Location(s): Jersey City, NJ; NY, NY; or Boston, MA
Job Synthesis & Description
Our client, a leading banking institution, is currently recruiting a Cyber Security Engineer (Security Configuration) to join their Cyber Security organization. The Cyber Security Engineer (Security Configuration) will be responsible for helping to lead the implementation of security configuration standards (hardening standards) across the firm and providing insight to management on the status of remediation.
In this role you will primarily be responsible for:
Will contribute to the strategic road-map of security configuration standards (security hardening standards), raising the level of protection year on year.
Raising awareness and providing advisory on the implementation of security configuration standards.
Contribute to managing the evaluation of security configuration adherence across all infrastructure components.
Provide advisory on the implementation of additional security hardening.
Develop effective procedures/controls to reduce security configuration risks across different technologies.
Provide security engineering and architecture support on new controls.
Some of your additional responsibilities include:
Security Configuration Standards
Based on a review of vendor recommended security standards as well as industry recommended standards, help define the road-map for the evolution of the Firm’s security configuration standards.
Contribute to providing tactical and strategic direction to the infrastructure teams on how to implement the security configuration standards (including automation options).
Be the first point of escalation for any conflicts on system parameters and applications and identify alternative controls or configurations.
Support technical reviews of risk exceptions.
Help lead technical discussion around security the security configuration standards with various non-technical and technical parties.
Security Configuration Evaluation Program
Responsible for the ongoing testing of the adherence to security configuration standards across all platforms.
Help manage configurations of tools and escalation of the identified security configuration gaps.
Help lead resolution discussions with application, database and operating system platform owners on the remediation vulnerabilities.
Manage Security Configuration Reporting
Contribute to the development of an operational support plan for the sustained success of the program – including KPIs and KRIs, training and development of security analysts and identify process improvements.
Enhance the firm’s security configuration identification program
Help provide oversight and guidance over the firm’s security configuration activities.
Security Architecture Support / Security Engineering Support
Collaborate with security architects, development, network, server and web teams assess security weaknesses and provide prevention and detection recommendations for cyber threats.
Understand and Implement developing regulatory guidelines in regards to security configuration and hardening.
5+ years’ of relevant experience in two or more of the following areas: Network security management, Web application security management, Vulnerability & Patch management, Designing and Operating enterprise security controls, Malware analysis and remediation, Security Incident Response management and Penetration Test/Red Team