Cybersecurity Security Engineer

No AGENCIES

Duties and Responsibilities:
Manage, configure and support on premise and cloud-based information security monitoring systems including, but not limited to, eSentire, Microsoft Office365/Azure security consoles, Cisco Umbrella and Palo Alto Panorama.

Information security monitoring systems
Third party threat intelligence
Vendor vulnerability information Manage and oversee internal department auditing function, which includes review of: user accounts; elevated privileges; patch and security configuration status; and information access.
Manage the maintenance and development of the policies and procedures related to the Firm s Information Security Management System (ISMS).
Actively participate in the Firm s Computer Security Incident Response Team (CSIRT) and Information Security Forum (ISF).

Requirements:
Ability to research, develop, and keep abreast of tools, techniques, and process improvements in support of security detection and analysis in accordance with current and emerging threat and attack vectors.
Strong understanding of internal control concepts and policies with focus on improving process/procedure manuals and documentation.
o Familiarity with the ISO 27001 certification process a plus
Working knowledge of network devices and architecture, TCP/IP, network protocols, server operating systems, vulnerability scanning, endpoint protection, intrusion detection, firewalls, and content filtering.
Knowledge of MFA, PKI, Palo Alto, Cisco ASA, IDS/IPS, KiWi, SolarWinds, Nessus, Windows, Linux/Unix, Vmware, IDS/IP, forensic discovery, Certificate Authority (CA), PKI, Kerberos, SSL, HTTPS, LDAP, Active Directory, Group Policy, DNS, NTFS, SharePoint, Remote Access, Citrix, VDI, ACLs, etc
Experience with various social engineering, and penetration testing approaches/tools for vulnerability identification, enumeration, and purposeful exploitation to determine security posture of a network, system, or application's security configuration

Requirements:
Bachelor s degree
Information Security certification.
Attributes expected of all candidates include: responsibility, honesty, reliability, initiative, patience, attention to detail, determination, taking pride in one s work, and a desire to learn.
Interpersonal skills necessary to interact and work productively as part of the Information Systems team, delivering high quality services to the Firm and our clients.
Ability to meet deadlines and effectively complete operational and project-based assignments.
Ability to communicate effectively, in person and in writing, with Firm personnel at all levels and outside parties as necessary.
Ability to work independently.
Attendance Requirements:
o On site during normal working hours and available as necessary before or after normal working hours to work at the Firm, over the telephone, or at off-site meetings, in order to meet the demands of the job and the needs of the Firm. Hybrid schedule (subject to change): 3 days per week working in-office, 2 days