Senior IT Security Engineer

Large financial company is seeking a Senior IT Security Engineer who will provide leadership and expertise in securing systems and data. Will be responsible for overseeing the implementation, maintenance, and monitoring of a variety of security controls, ensuring that technology and products remain secure. Will consult with internal and external stakeholders to help maintain a strong security posture. The Senior IT Security Engineer will also guide and support junior team members, fostering a culture of security across the organization.

Key Responsibilities:

• Serve as a lead advisor on information protection, working with teams to develop secure solutions for complex challenges.
• Conduct risk assessments and oversee initiatives to address identified vulnerabilities.
• Review audit results and recommend actions to mitigate risks to acceptable levels.
• Provide guidance on secure system architecture and network design decisions.
• Ensure security changes align with the organization's established change management protocols.
• Create and refine policies, standards, and guidelines to maintain a strong security framework.
• Implement automated solutions to streamline security processes and improve accuracy.
• Monitor and enhance common security measures such as OS hardening, intrusion detection, logging, and data protection.
• Advocate for best practices in security and support training and awareness initiatives across teams.
• Respond to and lead efforts during security incidents when necessary.
• Complete additional tasks as assigned.

Required Experience & Skills:

• In-depth experience working with various security technologies, such as firewall management, intrusion detection, malware protection, vulnerability scanning, and security event management.
• At least 7 years in IT roles, with a minimum of 4 years focused on security engineering.
• Strong familiarity with cloud security practices and technologies, particularly those related to large-scale environments including Azure.
• Experience with security monitoring systems such as those used for event correlation and threat detection, including Microsoft Sentinel.
• Understanding of compliance frameworks relevant to financial services and industries with high regulatory standards (e.g., SOX, PCI, GLBA, SAS70).
• Strong knowledge of network architecture and the ability to analyze traffic and protocols.
• Proficiency in Linux and Windows systems, including key infrastructure technologies like Active Directory.
• Demonstrated success in managing security technologies, including the ability to improve and optimize tools.
• Experience with scripting languages to automate security tasks and workflows (e.g., Python, PowerShell).
• Relevant security certifications are a plus, but not required.

Education:

• Technology focused Bachelor's degree is preferred.