fulltimejobs.com
Jobs in Australia Jobs in Canada Jobs in China Jobs in France Jobs in Germany Jobs in India Jobs in Indonesia Jobs in Japan Jobs in Malaysia Jobs in Pakistan Jobs in Philippines Jobs in Russia Jobs in Singapore Jobs in Taiwan Jobs in Thailand Jobs in U.K. Jobs in USA Jobs in World Wide

Job Details
Email to Friend Save Back

Information Security Engineer

NEW YORK-10005, NY, US
 06/26/2019

-

Required Skills

    CISSP
Company

Infinity Consulting Solutions, Inc

Experience

7 to 9 Year(s)

Job Description

The Information Security & IT Risk Engineer will be responsible for ensuring that IT security systems are configured, deployed, and maintained in accordance with polices and standards.

This position requires participation in technical research and development to enable continuing innovation for security and IT risk management.

The candidate will be responsible for monitoring regular vulnerability scanning and penetration testing, and will participate in incident response and investigations.

Responsibilities:

Focus on cybersecurity solutions and ways to protect the firm from virus and malware vulnerabilities

Develop and maintain IT Risk log analysis solutions, including data collection and aggregations, data normalization, and reporting.

Review and analysis of long-term comprehensive security data from a wide variety of sources.

Assist with project management and will be responsible for the devel opment and management of ongoing Information Security and Corporate Governance training programs.
They will develop and maintain a secure forum for all Information Security related activities.

Responsible for following established guidelines and identifying and resolving problems.

Contribute to work flow or process change and redesign, and to form a strong basic understanding of the specific product or process; May also be accountable for regular reporting or process administration as owner.

Coordinate and perform security audits and vulnerability assessments to assess internal security procedures and compliance requirements.

Work with relevant internal IT Application, Infrastructure, Network and Support teams to ensure that security controls are implemented at all significant and relevant phases of all IT processes.

Ensure that the IT systems are compliant with applicable regulations, group policies, codes and industry guidance, e.g. performing gap analyses between standards such as SANS
Top 20, NIST 800-53, ISO 27001, and the Information Security Framework.

Where gaps are identified, assist in implementation of controls.

Collate and quality assure data provided to other departments such as Risk Management and Internal Audit.

Review security event log data and investigate anomalies.

Perform monitoring activities and risk assessments.

Respond to, and where appropriate, resolve or escalate reported security incidents.

Management of security related events and tracking of remediation process.

Implement and support information security solutions including security architectures, change/configuration management, and the integration of security products as needed.

Develop and maintain documentation for security systems and procedures and processes.
Develop security awareness training for new employees.

Participate in information security working groups.

Perform testing to evaluate new products for network and system security controls.

Maintain logging and monitoring standards, technical investigative techniques and reporting.

Maintain project scheduling and task follow on security initiatives.

Qualifications:

7+ Years of Experience

Strong expertise with the following technologies and solutions at a minimum:

- Cybersecurity solutions and protection

- Identity and Access Management

- Endpoint Security

- Privileged Management

- IT Risk Assessments

- IT Risk and Security Training

- Next Generation Firewalls

- Next Generation End Point Detection

- Vulnerability Scanning

- Threat Hunting

- Web and Email Security

- GRC

- System vulnerability tools

- Security monitoring tools

- Application security risk assessment tools

Performing gap analyses within different environments coupled with an in depth understanding of regulatory guidelines as well as standards and best practices related to ISO and NIST.

Ability to analyze vulnerabilities within the internal infrastructure and oversee timely remediation.

Strong ability to recognize and remediate issues within the internal infrastructure.

Ability to communicate information security concepts across a broad range of technical & non-technical staff.

Good influencing, relationship and stakeholder management skill

One of the following certifications is a plus - SSCP, CISM, CISA, or CISSP.

Weekend and night work may be needed at times based on project, support, and business needs.

Security Architect
Information Technology
No Preference
FullTime Job
Other
1
Candidate Requirements
-
Bachelors
Walkin Information
-
-
-
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY, US
- 
Email to friend Save Back