This Senior Information Security Engineer will join Zyston’s team on a permanent basis. The goal of this role is to strengthen the security posture and overall security programs of Zyston client(s).
The Senior Security Engineer will have strong experience with various security tools, and administer and maintain security measures focused on application, web and infrastructure security across the enterprise in accordance with security Best Practices.
This person will safeguard sensitive and proprietary information and prevent unauthorized access. Periodically review/test policies, procedures and controls to maintain alignment and accuracy with the security program and regulatory governance. Provide security analytics and assistance with security support requests.
Principal Duties & Responsibilities
- Monitor security threats, analyze vulnerability assessments, and balance security with business rules/needs.
- Manage threat and vulnerability program:
- 50% Engineering (implementing solutions), 30% Strategic (evaluating vendors and solutions to select what should be implemented), 20% Analytical (proactive monitoring and reporting of metrics)
- Implement Incident Handling process and procedures – Establish an IR Playbook
- Deliver security awareness content to educate workforce about policies, procedures and information risks - in partnership with communications team
- Ensure that Information Security best practices and configurations are included in desktop, server, and network configurations
- Perform NIST assessments of the client environment, create policies, and establish the right people, process, and technologies to enhance the maturity of the cybersecurity program.
- Work with clients and consultants to improve information security within the organization
- Respond to security-related tickets and work collaboratively across technical teams to communicate and manage expectations during the resolution of the issue.
- Work with other IT professionals to resolve fast moving vulnerabilities such as spam, virus, spyware and malware.
- Complete periodic reviews on a number of security platforms to ensure the safety and integrity of the organization's data.
- Possess a high degree of integrity and trust along with the ability to work independently.
- Perform other security duties as assigned.
- Occasional long, irregular hours.
- 5 years' experience in Information Security, with at least (5) years' experience in Information Technology.
- Experience handling incidents, events, alerts, encryption, forensics, threat analysis and vulnerability management.
- Broad infrastructure knowledge to include routers, switches, firewalls, WAN/LAN, cloud and servers.
- Experience with Microsoft Active Directory
- Experience with Okta or similar tool
- Experience with ProofPoint or a similar tool
- Analyze and resolve complex technical and business problems
- Endpoint Management experience, ideally with TrendMicro or Cylance
- Experience with firewalls, preferably Palo Alto
- Interact with all levels of management
- Communicator, creative thinker, problem solver, analytical attention to detail
- Manage multiple tasks simultaneously
Bachelor's degree or equivalent professional experience
- Experience with AWS or Cloud architecture
- Strong written, verbal and non-verbal communication skills
- Proven experience building an IR playbook
- Experience in working with third party managed security providers
Application Integration Architecture