- Develop, document, and execute procedures for protection, detection, and response against internal and external threats and execute remediation plans and incident response plans as needed.
- Create, fine tune, and compile regular metrics.
- Increase the breadth and depth of monitored sources and maintain a framework to constantly assess the firm’s Cyber and Information Security.
- Expand the 24/7 monitoring (Secureworks) and lead the project to implement and maintain the QRadar SIEM.
- Keep track of potential security incidents and work with the various compliance areas to report the relevant events to external regulators (e.g. FinCEN).
- Share information and help create a corporate view of cyber and information security status & awareness.
- Ensure that all employees have complied with security awareness training requirements.
- Maintain the vendor relationship with Secureworks.
- Participate actively in logical access control functions such as periodic access reviews.
- Support the security aspects of vendor risk reviews.
- Schedule and coordinate incident response exercises.
- Schedule and coordinate social engineering and phishing test exercises against employees.
- Manage vulnerability scans, evaluate remediation efforts, and report on results.
- Own and manage the compliance efforts in a multi-year DFS (NY Department of Financial Services) compliance project.
This is very much a hands-on role, in which the candidate will be actively developing and running security controls and following up with others in their fulfillment of control requirements.
- BA/BS in Information Security or at least 3 to 4 years of directly related experience.
- Knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPsec, HTTP, BGP and other routing protocols).
- Experience with logging software and/or other SIEM-type tools.
- Experience with vulnerability and penetration assessment tools.
- Experience with log and packet analysis tools and techniques, and with DLP.
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits.
- Excellent teamwork skills, ability to collaborate with other team members.
- Strong sense of ownership and drive.
- Breadth of knowledge in the information security space with emphasis on network security, operating system security, common attack patterns, and exploitation techniques.
- Strong organizational skills.
- Strong time management, attention to detail, and ability to manage priorities.
- Experience with routers and other network devices, firewalls, proxies, incident response, forensics, and information security frameworks.
Any of the following are preferred:
- CompTIA Security+, GIAC Security Essentials, CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager).
- This position requires strong analytical and technical skills and a detailed working knowledge of current and emerging security technologies, as well as the ability to identify abnormal behavior. The key goal is to improve the firm’s ability to detect abnormal or malicious behavior.
- Strong working knowledge of the company's Computer Incident Response program and the ability to provide professional input to improve it.