Requirements
- 5-8+ years of Security Engineering or related role
- Extensive knowledge of operating systems (Windows, Mac, Linux) and database security
- Proficiency in network security and network monitoring solutions (routing protocols, encryption, firewalls, VPNS)
- Knowledge of security systems including anti-virus applications, content filtering, firewalls, authentication systems and intrusion detection (IDS, IPS) and notification/monitoring systems
- Background in endpoint protection (Crowdstrike or related)
- Cloud security (Wix, AppOmni, or related)
- Background with identity & access management, applications security (Snyk)
- Experience with penetration testing
- In-depth knowledge of security protocols and principles
- Bachelor of Science in Computer Science or a related field
Plus:
- Security certifications: Security+, CEH, CRISC, CISM, CISA, CISSP, CCNP Security, GIAC GSEC, and Microsoft Systems Developer training.
- Automation of security tasks (Python, C++, Java, Ruby, Bash etc)
- Legal background
Day to Day:
An international law firm is looking for two Security Engineers to join their Security team responsible for identifying threats and vulnerabilities in the Firm's IT systems and software architecture. The Firm has more than 1,300 lawyers and has offices that span the globe from Boston, New York, Beijing, Brussels, Hong Kong, Houston, London, Los Angeles, Palo Alto, São Paulo, Tokyo and Washington, D.C. The Firm consistently ranks among the world’s leading law firms. The Firm has the following practice areas: Corporate, Litigation, Banking & Credit, Capital Markets, Mergers & Acquisitions, Real Estate, Restructuring and Private Funds. They support clients in a variety of industries such as Energy (Oil & Gas, Power & Renewables), Financial Services, Healthcare & Life Sciences, Infrastructure, Technology, Insurance & Reinsurance, and Data Centers. This role will be 2 days onsite in NYC and the remaining remote, with the exception of the first two weeks of training which will be 4 days onsite.
The technology environment is a mix of on-prem and cloud (Azure), and we are in the middle of a transformation effort to migrate more applications to the cloud. The Firm uses a wide variety of industry standard tools across all InfoSec domains, including Qualys, Logarythm, Wix, AppOmni, DUO, CrowdStrike, Snyk. The Security Engineers will be responsible for security tools implementations and management, troubleshooting, alert tuning, monitoring and investigations and coordinating incident response across teams. These roles are a part of our emergency on-call rotation (Middle of the night and weekend calls are rare, but they can expect to be on call 2x / month at the beginning and decreasing as the team is built up with more resources – once fully staffed, the on call should be 4x / year). The engineers should be a strong security generalist across all InfoSec domains - identity, network, cloud, infrastructure, auditing, testing etc.
Pay Rate: $60-80/hr