What are the responsibilities and job description for the Senior Security Engineer position at RightTalents?
Job Details
Title: Senior Security Engineer
Client: NYC Agency
Location: New York, NY (Onsite)
Duration: 12 Months
Work Hours: 35 hrs/week
Job Description:
- Perform organization wide cybersecurity risk analysis and maintain updates on the identified risks
- Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization
- Create and follow a process to track progress against cybersecurity plans
- Lead the implementation of cybersecurity initiatives for MyCity Portal development project
- Create network architecture diagrams, collect communication flow information, and build high level and low-level design documents
Mandatory Skills
- Bachelor s degree in computer science, Information Systems or equivalent work experience
- 12 years of experience in information security
- 8 years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
- 8 years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management
- 4 years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.
- 4 years of experience working in cloud environment (Azure, AWS, Google Cloud Platform)
- 4 years of experience working in securing Internet-facing applications, utilizing WAF technologies (e.g.: Akamai CDN and WAF, Cloudflare, Azure CDN and WAF, Azure Front Door, AWS CloudFront and WAF, and similar reverse-proxy technologies)
- 4 years of experience architecting, deploying, and managing endpoint security and EDR technology
- 4 years of experience using scripting languages (Python, Bash, PowerShell, etc.)
- 4 years of experience with Windows, Linux, or MacOS administration
- 4 years of experience working with vulnerability management and scanning tools
- 4 years of experience working with application scanning tools
Desirable Skills
- Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments
- Experience in implementing and operating Data Loss Prevention Systems
- Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy
- Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls
- Strong understanding of cloud-based services such as O365, AZURE AD, IAM, Entra ID
- Strong understanding of CIS controls
- Experience with Syslog-NG, Logscale (Humio) or similar SIEM/log aggregation systems
- Experience with SSO products and services such as Entra ID, PingFederate, or Okta
- Experience with Netskope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies
- Familiarly with CASB/SASE products
- Experience with Cloud-based EDR/XDR tools
- Knowledge of endpoint security management, configuration policies, and procedures
- Experience with asset management and on-prem/cloud-based vulnerability management tools
- Highly flexible/willing to learn new technologies
- Highly organized with excellent analytical, problem solving and decision-making skills
- Excellent communication and collaboration skills
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
