Sr. Security Analyst - Perimeter Security Team

About The Position

Requirements

• Degree in Cyber Security, Computer Science, Computer Engineering, or Information Systems or related field preferred; or equivalent training and certifications (A+, Net+, Sec+, SANS, Cloud, etc), or related work experience.
• 3-5 years of managing enterprise class proxy solutions, remote access solutions, network security platforms, on-prem and cloud data centers.
• Experience in a variety of technical fields including software, infrastructure, and security engineering at an enterprise level.
• Understanding of core enterprise technology platforms including: infrastructure, software, data, cloud and cloud native platforms, microservices, API management, event streaming, CI/CD pipelines.
• Experience with core enterprise level information security components, principles, practices, and procedures.
• Understanding of core enterprise best practices, including: security risk management, architecture diagrams and documentation, digital transformation, change management, crisis management, business continuity, disaster recovery, and observability.
• Experienced in designing and building highly scalable, distributed & secure solutions that run in a cloud environment such as Azure, AWS, or GCP.
• Demonstrated proficiency in deploying infrastructure as code through Terraform, Ansible, or similar technologies.
• Experience with managing and delivering on stakeholder requirements in a way that balances design functionality, cost optimization, and production support considerations.
• Advanced experience with writing code/scripts in at least one language (Python, PowerShell, Bash, Go, etc).
• Demonstrated competency with reading and generating architectural diagrams and maintaining full and accurate documentation of software, systems, and platforms.
• Strong understanding of observability, performance monitoring, and root cause analysis principles to perform continuous platform improvements or quickly troubleshoot and restore services in a case of disruption.
• Experience working with Product Teams and Agile methodology and practices.
• Demonstrated proficiency with proxy solutions and zero trust methodologies.
• Demonstrated proficiency with network security best practices.

Responsibilities

• Identify and implement opportunities to improve solutions and ensure system availability while maintaining acceptable risk levels for the firm to remain in compliance with industry regulations and security framework.
• Serve as a subject matter expert for proxy and intrusion prevention platforms, remote access connectivity, zero-trust, and network security monitoring.
• Lead and oversee the solution design lifecycle for Zscaler and IPS, including stakeholder requirement gathering and prioritization, alignment with architectural standards and best practices, implementation planning, implementation execution, documentation completeness, and ongoing health monitoring and maintenance.
• Provide design thinking and oversight for Zscaler and IPS to ensure cohesiveness, completeness, and effectiveness of the platform; and provide feedback to the Team Lead on the overall direction of the technology stack.
• Continue to implement new features and performance improvements for Zscaler and IPS in partnership with key stakeholders.
• Adhere to frameworks and processes for cohesive change management, health monitoring, performance monitoring, stability, and backups across the product space.
• Support technology incidents including: triaging technology services performance segregation or outages, performing root cause analysis across a complex environment, and identifying short and long-term solutions while operating in stressful and time sensitive situations.
• Effectively communicate with peers and leaders to ensure the awareness of progress, the awareness of challenges, the identification and escalation of risks, and the impact of ongoing security work.
• Establish and maintain effective communications and relationships across key departments, business areas, and vendors.
• Mentor and coach less senior team members and represent the Firm across the financial service's information security community through industry forums, working groups, and conference presentations.

Benefits

• Medical and prescription drug coverage
• Dental and vision insurance
• Voluntary benefits (such as accident, hospital indemnity, and critical illness)
• Short- and long-term disability coverage
• Basic life and basic AD&D coverage
• 401k retirement plan
• Health savings account and flexible spending account
• Ten paid holidays
• Fifteen days of vacation for new associates beginning on January 1 of each year
• Sick time and personal days
• Paid day for volunteerism
• Bonuses and profit sharing
• Employee Assistance Program