High Profile mid-sized Asset Management Firm seeks
Cyber / Network Security Engineer with strong Threat Vulnerability Management experience.
In a very hands-on capacity you will responsible for the support and administration of several core network security tools... interesting projects, very professional and high-end environment.
You will be responsible for the implementation, engineering, and management of security initiatives related to
Threat Vulnerability Management and
Network Security.
In Summary
- Work closely with Information Security to ensure a secure enterprise network environment through the enforcement of network security controls, threat and vulnerability management (TVM), and logging and monitoring for applications, servers and network devices through the SIEM process.
- Leverage and implement tools that automate and support Network Security, TVM and SIEM processes, helping to develop capabilities to early detect and quickly respond to potential cybersecurity breaches and incidents.
- Implement appropriate changes, updates, and upgrades in response to vulnerabilities and incursions; help to remediate audit issues.
- Support the process owners for Network Security, Threat Vulnerability Management and and SIEM by actively participating in risk assessments that target these processes.
- Work with management to development of procedures and implement industry cybersecurity standards and policies
- Participate in the organization and coordination of penetration testing.
Requirements Include
- Experience implementing Vulnerability Management solutions and relevant work experience with tools that provide vulnerability detection and reporting, logging and monitoring, and other cybersecurity solutions such as IPS/IDS, anti-virus and DLP.
- Tenable Security Center (TSC) vulnerability scanning experience
- Working knowledge of next-gen firewall administration and configuration; some related Palo Alto Firewall administration (Panorama), network security, operations and management best practices preferred
- Endpoint management and best practices: McAfee Endpoint Protection, Carbon Black, and LogRhythm
- Good Project Management skills
- Understanding of network design, infrastructure, Active Directory and Group Policy
- Knowledge of enterprise patching / updates is a must
- Scripting skills (Python,...)
- Working knowledge of security protocols, cryptography, authentication, authorization and security.
- Working knowledge in networking and protocols - BGP, OSFP, IP, WANs, LANs, NAT.
- Tools: Tenable Security Center, LogRhythm, Palo Alto Next Gen Firewalls, Cisco ASA Firewalls, Cisco ACS, Cisco ISE, Carbon Black Protect (Bit9), Carbon Black Response, McAfee Endpoint Protection, Wildfire Malware Analysis
- Completed Bachelor’s degree with Computer Science or related (math, engineering,...) course of study
- Preferred certifications or professional training: ITIL Foundation and any training with Palo Alto, Tenable/Nessus and/or LogRhythm
- This is a hybrid role onsite ~2 days per week in NYC