|Location||New York, NY|
|Date Posted||April 6, 2019|
The candidate will manage and maintain the firm's security program. They will need to pro-actively identify security risks, recommend solutions, work with affected departments to address the risk, and ensure that the solutions remains in effect. They must have extensive hands-on experience with an understanding of theory and practice. The candidate's responsibilities include security for all areas of IT including servers, networks, desktops, third party services and application development.
- Lead a team of security analysts, engineers and, architects to implement technical solutions and provide operational capabilities.
- Project manage security initiatives and provide project oversight of all security projects.
- Provide oversight and technical direction for security initiatives.
- Provide leadership and technical guidance to other members of the team.
- Provide overall technical design & architecture for all aspects of security in the infrastructure.
- Lead and guide incident response initiatives
- Mentor and guide team members on tasks and goals.
- Step in and execute as a core member of the team to ensure coverage
- Supervise third-party vendors for various projects or services.
- Create and improve operational capabilities within the security organization.
- Facilitate/oversee the review of security platforms, identify deficiencies, recommend and implement improvements
- Work with vendors and colleagues to assess different technologies and determine their impact on security.
- Troubleshoot security issues and assist with security incident responses and forensic investigations
- Lead Incident Response efforts of High or Critical Security Incidents
- Be able to prepare and brief senior management of risks, on but not limited to security incidents, system vulnerabilities, and ongoing compliance functions
- Strong hands-on technical experience in the security domain. .i.e. must have recent hands-on experience with some of the key security technologies --IDS, SIEM, DLP, Firewalls, Vulnerability Management, Endpoint Security; SSL intercept etc.
- Understanding of Security Frameworks, such as: NIST 800-53, ISO/IEC 27000, FFIEC CAT
- Strong communication skills. Ability to clearly articulate ideas, solutions etc. to team members, senior management, and end users.
- Organized with Strong Project Management skills.
- Self-driven -- Ability to lead projects from initiation to completion.
- Educational background with BS / MS in Computer Science, Engineering or related area.
- Strong knowledge of internet, web, application and network security platforms.
- Strong knowledge of Linux & Windows operating system security.
- 5+ years' of experience in a similar position.
- Excellent analytical and problem solving skills to troubleshoot and resolve security issues
- Ability to perform and interpret vulnerability assessments
- Ability to administer and operate tools of the security infrastructure
- Ability to balance and prioritize work
- Experience with threat modeling, penetration testing or running security scans with third party software
- Experience working with IP networking, networking protocols and understanding of security related technologies including Encryption, VPNs, PKI, Firewalls, IDS, Proxies, NAC, SIEM, AV, DNS, Email, Wireless
- Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
- Possess security certifications (CISSP, CISA, CISM, etc)
- Experience with project management and industry best practices
- Experience working within the Financial Services industry