Need Cyber Security Engineer in Brooklyn, NY (Onsite)- Need locals to NY/NJ

We have a Contract assignment available with our client in Brooklyn, NY

Title: Cyber Security Engineer

Location: Brooklyn, NY (Onsite)

Position Type: Contract 12 months which might extend

7 hours per day

Important Note:

Need locals to NY/NJ within commute only

Should have local NY/NJ projects

Any Government experience will be plus

Mandatory Skills/Experience:

• Bachelor's degree in Computer Science, Information Systems, or equivalent work experience.
• At least 12 years of experience in information security.
• At least 8 years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, IT operations, and project management.
• At least 8 years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management.
• At least 4 years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.
• At least 4 years of experience working in cloud environments (Azure, AWS, Google Cloud Platform).
• At least 4 years of experience securing Internet-facing applications, utilizing WAF technologies (e.g., Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, Azure FrontDoor, AWS CloudFront and WAF, and similar reverse-proxy technologies).
• At least 4 years of experience architecting, deploying, and managing endpoint security and EDR technology.
• At least 4 years of experience using scripting languages (Python, Bash, PowerShell, etc.).
• At least 4 years of experience with Windows, Linux, or macOS administration.
• At least 4 years of experience working with vulnerability management and scanning tools.
• At least 4 years of experience working with application scanning tools.

Desirable Skills/Experience:

• Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments.
• Experience in implementing and operating Data Loss Prevention Systems.
• Experience with information security principles and practices, especially the implementation of practical technical controls to support organizational policy.
• Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including the software development lifecycle and compensating controls.
• Strong understanding of cloud-based services such as O365, AzureAD, IAM, Entra ID.
• Strong understanding of CIS controls.
• Experience with Syslog-NG, LogScale (Humio), or similar SIEM/log aggregation systems.
• Experience with SSO products and services such as Entra ID, PingFederate, or Okta.
• Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access, or similar cloud proxies.
• Familiarity with CASB/SASE products.
• Experience with Cloud-based EDR/XDR tools.
• Knowledge of endpoint security management, configuration policies, and procedures.
• Experience with asset management and on-prem/cloud-based vulnerability management tools.
• Highly flexible and willing to learn new technologies.
• Highly organized with excellent analytical, problem-solving, and decision-making skills.
• Excellent communication and collaboration skills.

Scope of Services:

MyCity is a single portal for all City services and benefits, designed to provide a simple, seamless, and intuitive experience for interacting with City government digitally. The platform is developed with New Yorkers at the center of the process, prioritizing features through user research and delivering value through phased releases. The MyCity portal encompasses several workstreams, including Child Care, Business Portal, and Workforce Development Services.

OTI Cyber Command is seeking additional support as the cyber threat landscape continues to evolve and Citywide cybersecurity solutions are deployed in large, complex networked environments. The required skill set includes providing guidance at various stages of planning and implementing security design, processes, and solutions, as well as testing and validation. The role involves pivoting between numerous technical projects and effectively communicating status at various leadership levels. The resource will have significant interaction with NYC Cyber Command leadership, engineering, architecture, application security teams, incident response, and other cybersecurity practitioners.

Key Responsibilities:

• Perform organization-wide cybersecurity risk analysis and maintain updates on identified risks.
• Develop, socialize, and obtain approval for cybersecurity strategies and plans to address both generic and specific cybersecurity risks.
• Establish and follow a process to track progress against cybersecurity plans.
• Lead the implementation of cybersecurity initiatives for the MyCity Portal development project.
• Create network architecture diagrams, collect communication flow information, and build high-level and low-level design documents.
• Address complex network problems, interact with vendor support teams, and drive issues to resolution.
• Translate compliance requirements into specific security controls and present compensating security controls.
• Report to upper management on current cybersecurity posture and progress on mitigating identified risks.
• Identify cybersecurity gaps and maintain a risk register.
• Develop metrics to measure the efficacy of cybersecurity controls.
• Collaborate with partners to create and maintain incident response plans.
• Monitor and respond to alerts.
• Review and optimize existing cybersecurity controls.
• Ensure organizational compliance with cybersecurity best practices, policies, and standards.
• Enforce endpoint security standards.
• Analyze vulnerabilities and work with Application Development, IT, and Systems teams to ensure timely remediation and validation.
• Conduct threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design, and application development.
• Instruct and guide other teams to craft "secure by default" infrastructure; investigate, build, and recommend innovative technologies or methods to improve the security of cloud-based and on-premises environments.