Senior Security Engineer

About The Position

Requirements

• Bachelor's degree in Information Systems, Information Security, Risk Management, or a related field
• At least five years experience in Information Security or similar type role
• Awareness of basic tenets of secure software development
• Solid understanding of networking concepts, such as routing, firewalls, NAT translation, proxies, and other next gen SASE solutions.
• Familiarity with Data Loss concepts and strategies
• Deep level security information and event management (SIEM) log analysis
• Ability to fulfill responsibilities in a timely manner and with exactitude
• Extreme thoroughness and the ability to be directed on important initiatives, but to work independently to ensure the optimal outcome, reporting back to senior management on important milestones or issues that arise.

Nice To Haves

• Several Information Security certifications are considered a significant plus (Microsoft, CISSP, CISM, Palo Alto, Splunk, Cisco are a few that would be considered standout achievements).

Responsibilities

• Lead the Firm’s strategy, design, and implementation of scalable AI security and agentic security controls.
• Work closely with the Firm’s IT and AI acceleration teams to onboard newly develop AI use cases in a security manner, including end to end DevSecOps and CSPM tooling.
• Design, implement, and maintain a secure and resilient cloud architecture, encompassing Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) solutions. This includes Azure, AWS, Office365, and all manner of SaaS applications.
• Design and build continuous audit and alerting capabilities in our cloud environments using native toolsets.
• Develop and implement robust identity and access management strategies for cloud environments, ensuring proper authentication and authorization controls.
• Monitor and manage user access permissions, following the principle of least privilege.
• Use leading edge Microsoft 365 Security and Purview technologies to establish and enforce data protection policies to safeguard sensitive information.
• Monitor for data leakage to and from the cloud and on prem.
• Lead incident response efforts for security incidents, coordinating with internal and external stakeholders.
• Implement logging and monitoring solutions to detect and respond to security events in real-time.
• Design, implement, and manage security infrastructure to safeguard the firm's networks, systems, and applications.
• Conduct regular security assessments and vulnerability scans to identify and address potential risks.
• Lead incident response efforts and conduct thorough investigations in the event of security incidents or breaches.
• Collaborate with legal and IT teams to ensure proper documentation and reporting of security incidents.
• Work with key stakeholders and internal IT contacts to conduct risk assessments against new technologies being considered for use. Formally document these risk assessments such that they can be easily understood by stakeholders.
• Collaborate with IT, legal, and compliance teams to align security initiatives with overall business objectives.
• Communicate security risks and recommendations to both technical and non-technical stakeholders.

Benefits

• Cleary provides a comprehensive benefits package, including health care benefits.
• More information can be found here: Benefits
• We are an equal opportunity employer and prohibit discrimination based on any category protected by law.
• Cleary provides reasonable accommodations to enable otherwise qualified employees to perform the essential functions of their position, provided the accommodation does not pose an undue hardship to the Firm.