
Senior Information Security Engineer

Pivotal Solutions
Full-time
On-site
New York, New York, United States

Description: Senior-level MIS Security position with primary responsibility for resolving security-based issues, alerts, and troubleshooting. Work may include incident management and documentation, alert monitoring, hunting, advisories, and bulletins as required, and innovation.

Analyze technological and architectural upgrades/modifications to the Information Systems Security architecture and help develop technical recommendations. Other IT security related tasks are also involved, as well as special project involvement based on demonstrated ability. Manage projects and be a role model.

 

Qualifications: Must have an in-depth understanding of Microsoft operating systems and their security (server and workstation), AD and AAD authentication, authentication methods, networking, email security, DevSecOps, scripting/PowerShell, and IT security concepts and tools. Must have good documentation and communication skills and be able to operate with minimal supervision. Some years of responsibility managing projects, and willingness to be a role model and a team leader.

 

Experience Requirements: Networking, systems, Azure architecture and security. Must have some experience in DevSecOps, scripting/PowerShell, SQL, IDS/IPS. Must have knowledge of MFA architectures, O365 architecture and email security, and Azure.

Other IT security related tasks are also involved, as well as special project involvement based on demonstrated ability. Responsible leadership ability in management or supervisory positions.

 

 Experience: 4 to 10 years

 

Experience substitutions: Bachelor’s degree in a Technical Field or Advanced level IT Certification such as CISSP, CPTE, CCIE Security, SCYBER, CISM, CASP, CCSK, CCDP, CCNP Security, CEH, CISA, GSLC, GCED, AZ-500 or Experience.

  

  • Provide guidance and expertise in the field of risk management regarding the protection and security of digital assets in the cloud and on premise.
  • Maintain and improve Information Security Architectures in line with the CIA triad.
  • Maintain and improve information security policies and procedures; develop security guidelines and safe practices for computing and networking systems and maintain the documentation.
  • Manage, maintain, and monitor security technologies such as vulnerability scanning solutions, IDS/IPS, anti-virus technologies, SIEM technologies, host forensics and malware analysis, web application firewalls and proxy solutions.
  • Manage real-time threat detection technologies to identify and quarantine threats; monitor endpoint security alerts and take corrective action.
  • Minimize security threats by examining governance, technology infrastructure, and facilities to identify security deficiencies, using risk analysis and following up with a corrective action plan.
  • Monitor internal control systems to ensure appropriate access levels are maintained, protect against unauthorized system access, modification and destruction.
  • Review security related reports, logs and occurrences; escalate issues and initiate security response procedures.
  • Create and review vulnerability reports, track compliance with vulnerability management policies and procedures in accordance with established ISO 27001:2013 guidelines.
  • Research and evaluate emerging technologies in support of security technology enhancements, propose technical solutions to management to address security weaknesses, and coordinate with relevant stakeholders to implement them.
  • Review, update, and enforce data security practices within the organization; test for exposures to ensure adherence to guidelines and procedures and work with platform experts to implement remedial measures as appropriate.
  • Test security controls and manage the associated remediation of any deficiencies as needed.
  • Assess security information, triage and respond to security events, identify false positives, and conduct correlation analysis across numerous internal and external data sources while prioritizing information security incidents.
  • Perform project management tasks for security initiatives/projects.
  • Manage incident-handling processes, which include implementation of containment, protection, and remediation activities.
  • Coordinate the handling and resolution of security incidents, including system intrusions and abuse, and act as a primary point of contact.
  • Develop responses to internal & external audits, penetration tests and vulnerability assessments.
  • Support Information Security training and awareness by providing ideas and content, assist HR with employee security awareness education and training.
  • Manage multiple priorities and deadlines concurrently.
  • Willing to be a team leader and a role model.
  • Azure and Office 365 experience is needed.