Title: “Cybersecurity/Information Security Engineer”
The Information Security Engineer is a key member of the technology team that evaluates the firm’s technology and information systems to develop security strategies and solutions to protect the Firm from internal and external threats.
This position supports the firm’s overall information security program by evaluating, testing, documenting, and implementing products and solutions; continuously managing and monitoring software; and analyzing and remediating security incidents and alerts. The Information Security Engineer is accountable for planning and executing security projects to improve the Firm’s overall security posture, for creating and maintaining security-related documentation, and for various other security-related tasks. Information Security Engineers are responsible for the protection of all Information Assets, including physical and digital data, technology infrastructure, cloud and on-premise applications, user endpoints, identities and other Technology Resources.
Information Security Engineers must continually adapt to understand and stay a step ahead of the latest cyber threats. The ideal candidate is passionate about security, is intellectually curious, and thrives on learning, teaching and mentoring alike. The firm’s security team values and is committed to fostering a cooperative leadership and learning environment from every chair, regardless of title.
ESSENTIAL JOB FUNCTIONS:
- Build and administer core network and systems security controls, including: firewalls, intrusion detection and prevention, anti-malware, application whitelisting, host intrusion prevention, endpoint detection and response (EDR), privileged access management (PAM), privilege elevation, vulnerability scanners, content monitoring / filtering, security monitoring (SIEM), enterprise authentication and authorization.
- Plan and execute Information Security projects. Represent the security team on projects owned by other IT teams.
- Perform security and privacy reviews of IT services and changes (e.g., new technologies being added to the environment or that are undergoing significant changes). Monitor change management database activity to stay abreast of developments in the IT environment.
- Help define and document the firm’s Information Security Architecture and Roadmap.
- Based on the Firm’s IT Risk Assessment, plan for the lifecycle, implementation and integration of future security technologies with other security and non-security technologies. Recommend and drive technology and process improvements for Information Security Programs.
- Collaborate actively with senior technologists on other IT teams to design solutions that satisfy the priorities of each individual IT team involved, while also providing the best possible user experience and appropriate security assurance.
- Interface and cooperate with internal and external audit and exam teams as required.
- Establish architectures and baseline configurations for various security technologies, including: anti-malware, endpoint detection and response (EDR), security monitoring, systems security, network security, identity and access management, public-key infrastructure (PKI), deception technologies, DLP and web/e-mail content filtering.
- Design and maintain strategies for Information Security documentation, including runbooks, procedures, processes and hardware and software inventory detail.
- Implement and operate technical security solutions across a wide range of technologies, and serve as a third-tier support resource and SME for these technologies as required.
- Participate in technical and non-technical projects requiring information security oversight to ensure policies, procedures and standards are met.
- Serve as a member of the Computer Security Incident Response Team (CSIRT), assisting with incident response (IR) and security operations center (SOC) efforts.
- Recommend new security solutions as well as effective improvements to existing security controls that do not negatively impact business innovation.
- Assist with threat and vulnerability management activities, including: triage of new vulnerabilities, root cause analysis, threat modeling and mitigation planning.
- Coordinate closely with Information Security Governance, Security Operations and various teams throughout the firm to align information protection strategies with technologies and functions throughout the firm.
- In coordination with Information Security Governance, publish and maintain appropriate Information Security policies and standards to help guide selection and implementation of various technologies throughout the IT organization.
- Assist with Information Security program management, including defining and documenting corporate security policies and procedures, security metrics, and coordinating the security awareness program.
- Automate workflows for security processes and procedures. Identify and drive improvements to Information Security programs.
- Provide technical guidance, training and direction to less experienced staff. Take a proactive approach to mentoring other staff members.
- Participate in DR planning and testing activities.
- May require on-call as assigned.
- Other duties as assigned.
Additional Job Description
QUALIFICATIONS / KSAs:
- Bachelor’s degree in Computer Science, Information Systems, Computer Engineering or related discipline, or equivalent experience and technical background.
- CISSP, GSEC, CISA, or similar certification desired.
- At least 6 years of relevant experience.
- Strong technical knowledge and understanding of security concepts, for example: network/perimeter security, security event monitoring, vulnerability assessment, intrusion detection and response, encryption technologies, enterprise authentication (e.g., SAML/SSO, Active Directory, etc.), EDR, PAM and content monitoring/filtering.
- Strong technical knowledge and understanding of key technology platforms.
- Working knowledge of network and security protocols including TCP/IP, SMTP, FTP, SSH, TLS, SSL, HTTP, IPSec and other VPN protocols.
- Strong written and verbal communications skills. Ability to speak and explain complex security issues to audiences without similar backgrounds.
- Ability to effectively communicate business risk as it relates to information security.
- Excellent time management and organizational skills to effectively meet multiple objectives.
- Results oriented, self-motivated and capable of performing several tasks simultaneously.
- Strong analytical, process and troubleshooting skills.
- The desire, commitment and ability to be a team player.
- Professional attitude and presentation.