We are seeking an experienced Systems Engineer to join our team on a contract basis, focused on enhancing security systems for the NYC MTA. This position requires a strong background in infrastructure virtualization, vulnerability management, and Windows Server administration.
This is a long-term contract position and requires full-time onsite presence in the New York City office.
What You’ll Do
- Lead the deployment and management of virtualized infrastructure, including VMware virtual switches.
- Oversee vulnerability and patch management processes to ensure systems remain secure and compliant.
- Administer and harden Active Directory and Windows Server environments to meet strict security standards.
- Collaborate with cross-functional teams to implement endpoint security tools such as Trellix and CrowdStrike.
- Execute enterprise-level deployments of desktops and servers, ensuring adherence to security protocols.
- Harden and secure desktop environments, implementing best practices for endpoint protection.
What You’ll Bring
- At least 10 years of Systems Engineering experience.
- Virtualization and Infrastructure: Extensive experience with VMware virtual switches.
- Vulnerability and Patch Management: Proven track record in managing vulnerabilities and patching systems effectively.
- Active Directory and Windows Server Administration: Deep expertise in AD and Windows Server hardening and administration.
- Securing/Hardening Desktops: Proficiency in implementing security measures for desktop environments.
- Endpoint Security Tools: Hands-on experience with endpoint security solutions like Trellix and CrowdStrike.
- Enterprise Deployments: Demonstrated ability to manage large-scale deployments of desktops and servers.
- Windows AD Configuration/Administration: Strong skills in configuring and administering Windows AD environments.
Bonus Points For
- Cybersecurity Incident Response: Experience in developing and implementing incident response programs.
- Network Segmentation and Isolation: Knowledge of BGP, OSPF, and Cisco switching.
- Threat Detection and Vulnerability Assessments: Expertise in conducting threat detection and vulnerability assessments.
- Advanced Network Security Tools: Familiarity with Cisco ISE/Stealthwatch, containment/protection tools for OT environments, and deception technologies like Honeypots.
- Physical Security Integration: Understanding of physical access control systems, video management systems, and endpoint credential management.