What are the responsibilities and job description for the Cyber Security Engineer position at Ket Software?
Position: Senior Security Engineer – Lev.3
New York, NY
Work Location: 100% On-site
Duration: 12 months
Resource Must provide Three (3) Professional References; Work Authorization & Valid Photo ID (no exceptions on this).
Local or nearby consultants will be given the highest preference.
Tasks and responsibilities:
Perform organization-wide cybersecurity risk analysis and maintain updates on the identified risks
Lead the implementation of cybersecurity initiatives for Client Portal development project
Create network architecture diagrams, collect communication flow information, and build high- and low-level design documents
Work on complex network problems, interact with vendor support teams, and drive the issue to resolution
Translate compliance requirements into specific security controls and present compensating security controls
Report to upper management on current cybersecurity posture and progress on mitigating identified risks
Identify cybersecurity gaps and maintain a risk register
Create metrics to measure cybersecurity controls efficacy
Work with partners to create and maintain incident response plans
Review and optimize existing cybersecurity controls
Enforce endpoint security standards
Perform threat simulations to detect possible risks and provide cybersecurity recommendations.
Must have Skills:
At least 12 years of experience in Information Security and Cyber Security Application development
At least 8 years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
At least 8 years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management
At least 4 years of experience working in cloud environment (Azure, AWS, GCP)
At least 4 years of experience working in securing Internet-facing applications, utilizing WAF technologies (eg: Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, Azure FrontDoor, AWS CloudFront and WAF, and similar reverse-proxy technologies)
At least 4 years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.
At least 4 years of experience architecting, deploying, and managing endpoint security and EDR technology
At least 4 years of experience using scripting languages (Python, Bash, Powershell, etc.)
At least 4 years of experience with Windows, Linux, or MacOS administration
At least 4 years of experience working with vulnerability management and scanning tools
At least 4 years of experience working with application scanning tools
Bachelor's degree in Computer Science, Information Systems or equivalent work experience
Excellent communication and collaboration skills
Desired Skills:
Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments
Experience in implementing and operating Data Loss Prevention Systems
Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts
Strong understanding of cloud-based services such as O365, AzureAD, IAM, Entra ID
Strong understanding of CIS controls
Experience with Syslog-NG, LogScale (Humio) or similar SIEM/log aggregation systems
Experience with SSO products and services such as Entra ID, PingFederate, or Okta
Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies
Familiarly with CASB/SASE products
Experience with Cloud-based EDR/XDR tools
Knowledge of endpoint security management, configuration policies, and procedures
Experience with asset management and on-prem/cloud-based vulnerability management tools
