AVP, Information Security Engineer

About The Position

Requirements

• College degree in Information Technology or Information Security or equivalent.
• Requires one or more of the following certifications: CISSP, CISM, CRISC, CISA, Security+, EnCE, CEH, OSCP, GIAC.
• 5+ years experience in Information Security Operations or Information Security Risk Management, preferably in the financial services industry.
• 3+ years experience in Security Engineering or Security Architecture role operating and/or implementing SIEM, EDR/XDR, NAC, IDS/IPS, WAF, IAM, FW, AD, EntraID and AVs.
• Proven experience in securing and implementing policies for Cloud Technologies (M365, Azure, AWS) and the Microsoft (E5) technology stack including Microsoft Defender, Microsoft Intune or similar.
• Experience defining and/or reviewing firewall rules and IDS/IPS topology and configurations.
• Experience in defining or participating in penetration tests and/or attack simulation exercises and implementing remediation plans.
• Strong understanding of networking, communication, and secure email protocols (TCP/IP, UDP, SSL/TLS, IPSEC, SPF, DKIM, DMARC, DNSSEC, etc.).
• Experience configuring and managing a Security Information and Event Management (SIEM) platform is highly preferred.
• Governance or oversight of a third-party risk management program experience preferred.
• Experience implementing tools and policies for Data Loss Prevention, Cloud Access Security Broker (CASB) and Insider Threat Management tools preferred.
• Experience with Secure Development Life Cycle (SDLC) practices and application security testing, including implementation and use of static and dynamic application security testing platforms preferred.
• Experience performing and assessing the effectiveness of vulnerability management program and performing security assessments of internal and external systems based on industry standards preferred.

Responsibilities

• Participate in Business and Information Technology projects to recommend security controls and solutions applicable.
• Provide recommendations for security infrastructure, developing security plans and standards.
• Manage trade-offs and determine cost-benefits between new tools to be implemented to the current security stack, and improve existing tools by reconfiguring, repurposing, or training.
• Identify and evaluate opportunities for process improvement.
• Maintain strong technical security skills that follow the current market trends to work on both cloud and on-prem based solutions.
• Serve as Subject Matter Expert (SME) across technical information security domains.
• Identify and assess vulnerabilities and risks to enterprise applications infrastructure and data.
• Develop and implement technical solutions to counter vulnerabilities and risks.
• Track current and emerging security threats, design and implement security solutions to mitigate them.
• Propose scope, design, and supervise the execution of the penetration test program to reach defined objectives.
• Review and propose improvements to email, endpoint and network security.
• Implement the enterprise data loss prevention program by identifying and proposing controls on data loss channels.
• Ensure that security systems and tools such as firewalls, web filtering, EDR, XDR, NAC for adequate coverage and periodically reassess configurations and security controls for improvements.
• Maintain information security systems and tools such as CASB, DLP, MDM and WAF and periodically review configurations.
• Establish, plan, and manage overall program and goals for the system security requirements and baseline configurations.
• Participate in efforts to remediate audit and regulatory findings and recommendations related to Information Security.
• Define and implement solutions to meet compliance requirements, including but not limited to: Sarbanes-Oxley, Payment card industry standards, and state and federal regulations.

Benefits

• $100K - $120K / year
• Pay determined based on job-related knowledge, skills, experience, and location.
• This position may be eligible for a discretionary bonus.