Security

Lead Information Security Engineer

Contract

Silver Search Inc

Lead Information Security Engineer New York, NY

Premier NYC legal organization has an immediate need for a Lead Information Security Engineer that will design, integrate, implement and monitor the firm’s information systems and security infrastructure. This role is remote for now, and then onsite 2-3 days/week in the future.

Responsibilities:

  • In conjunction with Information Technology Operations personnel, leads the design, implementation and support of security measures including but not limited to: Cloud Security, Vulnerability Management, Email Security, Endpoint Security, Document Management Systems, Privileged Account Management, Advanced Threat Defense, Data Loss Prevention, Incident Response.
  • Leads the monitoring and investigation of security related activity identified in logs and alerts from those systems.
  • Evaluates proposed IT projects and emerging technology while making security recommendations to ensure the risk is controlled at an acceptable level.
  • Leads the analysis, resolution, and communication of cyber security problems and issues.
  • Performs various assurance and auditing activities to ensure that the security controls are designed and implemented appropriately.
  • Develops and maintains appropriate escalation procedures for the different types of alerts that the various monitored systems generate.
  • Evaluates threat intelligence feeds, vulnerability reports, security exploit reports, and other information security notices as needed and makes recommendations to internal management and technical staff to take precautionary steps.
  • Administers the reporting functions of security monitoring systems, assisting in the identification and creation of appropriate reports for delivery to management.
  • Interprets information security policies, standards, and other requirements and assists with their implementation.

Requirements:

  • Previous financial services, professional services or law firm experience desired.
  • Must have at least one security certification (CISSP, CISM, SANS, etc.).
  • Minimum 7 years of progressively advancing hands-on experience in Information Security field with track record of success.
  • Knowledge of or experience with ISO 27001 framework is desired.
  • Expert knowledge of information security methodology and tools such as access control, threat intelligence, zero-day threats, incident response and vulnerability management tools.
  • Strong hands-on experience in Azure cloud security, network architecture and security assessment.
  • Ability to work in a team environment, as well as independently.
  • Strong analytical skills.
  • Data privacy and other compliance experience are a big plus.

Tagged as: Lead Information Security Engineer