
SR. CYBER SECURITY ENGINEER
3B Staffing LLC, New York, NY, United States
TASKS:
• Perform organization-wide cybersecurity risk analysis and maintain updates on the identified risks
• Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization
• Create and follow a process to track progress against cybersecurity plans
• Lead the implementation of cybersecurity initiatives for MyCity Portal development project
• Create network architecture diagrams, collect communication flow information, and build high level and low level design documents
• Work on complex network problems, interact with vendor support teams, and drive the issue to resolution
• Translate compliance requirements into specific security controls and present compensating security controls
• Report to upper management on current cybersecurity posture and progress on mitigating identified risks
• Identify cybersecurity gaps and maintain a risk register
• Create metrics to measure cybersecurity controls efficacy
• Work with partners to create and maintain incident response plans
• Monitor and respond to alerts
• Review and optimize existing cybersecurity controls
• Ensure the organization's compliance with cybersecurity best practices, policies and standards
• Enforce endpoint security standards
• Analyze vulnerabilities and work with Application Development, IT and Systems teams to ensure timely remediation and validation
• Perform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design and/or application development
• Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments
MANDATORY SKILLS:
• Bachelor's degree in Computer Science, Information Systems or equivalent work experience
• At least 15+ years of experience in information security
• At least 8+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
• At least 8+ years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management
• At least 4+ years of experience working in cloud environments (Azure, AWS, GCP)
• At least 4+ years of experience working in securing Internet-facing applications, utilizing WAF technologies (e.g., Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, Azure FrontDoor, AWS CloudFront and WAF, and similar reverse-proxy technologies)
• At least 4+ years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.
• At least 4+ years of experience architecting, deploying, and managing endpoint security and EDR technology
• At least 4+ years of experience using scripting languages (Python, Bash, PowerShell, etc.)
• At least 4+ years of experience with Windows, Linux, or MacOS administration
• At least 4+ years of experience working with vulnerability management and scanning tools
• At least 4+ years of experience working with application scanning tools
DESIRABLE SKILLS/EXPERIENCE:
• Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments
• Experience in implementing and operating Data Loss Prevention Systems
• Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy
• Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls
• Strong understanding of cloud-based services such as O365, AzureAD, IAM, Entra ID
• Strong understanding of CIS controls
• Experience with Syslog-NG, LogScale (Humio) or similar SIEM/log aggregation systems
• Experience with SSO products and services such as Entra ID, PingFederate, or Okta
• Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies
• Familiarity with CASB/SASE products
• Experience with Cloud-based EDR/XDR tools
• Knowledge of endpoint security management, configuration policies, and procedures
• Experience with asset management and on-prem/cloud-based vulnerability management tools
• Highly flexible/willing to learn new technologies
• Highly organized with excellent analytical, problem solving and decision-making skills
• Excellent communication and collaboration skills