Cyber Security Engineer
3 weeks ago
FULL TIME POSITION:
Title-Cyber Security Engineer/NIST Title Client - Peoples Bank - Location-Hybrid/Midtown, New York City - salary--$ 145K Salary Target -Visa:USC,GC,GC-EAD
**We need a senior (7+ Years) Cyber Security Engineer with great experience working with Cyber Security and Information Risk management with Strong understanding and hands on implementation experience with SANS/CIS Top 20, FFIEC, NIST CSF, 800-53, ISO27001 controls. Candidates must have certifications and the more the better( - CISSP, CISM, CCSP, OSCP, GIAC GCIH, GCTIA, GDSA or equivalent, or relevant AWS or Azure certification). Candidates should have great experience working with Strong understanding and hand-on experience of cloud concepts and components as they relate to O365/Azure, DevOps, Candidates must me local to the New York or New Jersey area and commute into the city two times a week in Midtown, NYC. NO RELOCATION CONSIDERED
Candidates Must Have:
1. Cyber Security/ Information Risk management
2. Strong understanding and hands on implementation experience with SANS/CIS Top 20, FFIEC, NIST CSF, 800-53, ISO27001 controls.
3. Azure/DevOps/O365
4. Certifications
Job Description:
- The Cyber Security & Information Risk Engineer will be responsible for ensuring that Information Security systems and cloud services are configured, deployed, and maintained in accordance with SMBC's polices and standards. This position requires participation in technical research and development to enable continuing innovation for Cyber Security and Information Risk management. Strong understanding and hands on implementation experience with SANS/CIS Top 20, FFIEC, NIST CSF, 800-53, ISO27001 controls.
- Focuses on hands on engineering and architecting cybersecurity solutions using industry's best practices to protect the firm from various threat actors.
- Performs as the Subject Matter expert focused in multiple technologies within the Security arena (IAM, Cloud Security, Data Security, Network Security, Encryption, Privileged Access Management, Federation etc.).
- Works with cloud technologies including Amazon Web Services and Azure, including the deployment of security groups, VPC networks, Certificate Management Systems and Key Management Systems.
- Works with DevOps practices and use of Terraform or CloudFormation to deploy services and infrastructure, including Docker and Kubernetes.
- Provides technical guidance and security reviews / assessments on architecture for new applications in AWS and Azure.
- Develops cloud security policies, standards and procedures.
- Coordinates and performs security audits and vulnerability assessments to assess internal security procedures and compliance requirements related to cloud environments.
- Work with relevant internal IT Application, Infrastructure, Network and Support teams to ensure that security controls are implemented at all significant layers, test those controls and perform gap analysis to find areas of improvement.
- Strong understanding and hands on implementation experience with SANS/CIS Top 20, FFIEC, NIST CSF, 800-53, ISO27001 controls.
- Strong Incident Response skillset using MITRE ATT&CK and Cyber Kill Chain frameworks. Being able to conduct threat modeling in order to determine major threats facing the firm.
- Good understanding of Zero Trust principles.
- Supporting offensive architecture analysis and design of defense-in-depth solutions
- 5+ Years of hands-on architecting, implementation and design experience required, designing globally scalable security solutions using latest cloud technologies and platforms.
- Strong understanding and hand-on experience of cloud concepts and components as they relate to O365/Azure, AWS, and/or GCP.
- 3+ years of hands-on experience with IAM permissions, SSO, Managed AD including permissions access to S3 buckets, IAM roles, executing Lambda functions, AWS Config, Cloudtrail, KMS, Cert Manager etc.
- Experience with Microsoft Defender for Cloud, Azure Kye Vault, Azure Monitor, Sentinel, RBAC, Azure AD, Azure MFA, conditional access, Federation is highly desired.
- Cloud formation and/or terraform experience required
- Good understanding of DevSecOps concepts and associated implementations
- Good understanding of CI/CD pipeline concepts as it relates to security
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (SAML, OAuth, OpenID).
- 2+ years of experience in container solution (Kubernetes and Docker).
- Experience with API Security highly desired.
- Deep understanding of Unix, Linux, Windows Security principles and Microsoft Active Directory
- Python, Bash or PowerShell scripting experience required.
- Strong knowledge of enterprise Information Security pillars (Perimeter security, Identity Management and Governance, Privileged Account Management, Compliance, Penetration testing, Encryption, Cloud Security, Incident Response, Vulnerability Management)
- Deep packet analysis experience required using wireshark/tcpdump.
- Incident Response experience highly desired as it relates to Cloud environments.
- Advanced experience in process documentation, flow charting and re-engineering.
- Understanding of OWASP Top 10 highly desired.
- Good understanding of Zero Trust principles highly desired.
- Performing gap analysis within different environments coupled with an in depth understanding of regulatory guidelines as well as standards and best practices related to CIS Top 20, ISO 27001, FFIEC CAT and NIST CSF frameworks.
- Bachelor's degree in Information Security, Computer Science or related field required
- Good influencing, relationship and stakeholder management skills
- One of the following certifications is required - CISSP, CISM, CCSP, OSCP, GIAC GCIH, GCTIA, GDSA or equivalent, or relevant AWS or Azure certification(s).
- Weekend and night work may be needed at times based on project, support, and business needs.
-
Cyber Security Engineer
4 weeks ago
New York, New York, United States Sumitomo Mitsui Financial Group, Inc. Full timeJob Title: Cyber Security EngineerSumitomo Mitsui Financial Group, Inc. is seeking a highly skilled Cyber Security Engineer to join our team. As a Cyber Security Engineer, you will be responsible for executing within our Cyber Resilience Exercise program designed to increase cyber resilience capabilities and preparedness across various businesses, group...
-
Cyber Security Engineer
4 weeks ago
New York, New York, United States Sparc The World Full timeAbout Sparc The WorldWe are a cyber security company dedicated to creating a world where organizations can focus on their mission without the fear of cyber threats. Our market-defining technology and expertise prevent breaches daily and set a new standard for industry partnerships. We are committed to our customers and grounded in our values, which have...
-
Cyber Security Engineer
4 weeks ago
New York, New York, United States Diverse Lynx Full timeJob Title - Cyber Security EngineerLocation - NEW YORK, NYJob SummaryAs a Vendor Security Specialist at Diverse Lynx LLC, you will be responsible for ensuring that vendor security architecture and design meets firm policies, external guidelines, and regulatory expectations.Key Responsibilities- Review controls related to Application (SaaS), Mobile Security,...
-
Cyber Security Engineer
4 weeks ago
New York, New York, United States TherapyNotes Full timeAbout TherapyNotesTherapyNotes is a leading provider of behavioral health Practice Management and EHR software. Our cutting-edge SaaS solution handles scheduling, billing, documenting, telehealth, and more, allowing clinicians to focus on patient care.Our TeamWe're a dynamic team of professionals who love to innovate and push the envelope, keeping our...
-
Cyber Security Engineer I
4 weeks ago
New York, New York, United States Memorial Sloan Kettering Full timeCyber Security EngineerAt Memorial Sloan Kettering, we are seeking a skilled Cyber Security Engineer to join our team. As a Cyber Security Engineer, you will be responsible for designing, implementing, and maintaining Privileged Account Management (PAM) solutions to manage user identities, roles, and access rights using the Delinea Secret Server platform.Key...
-
Lead Cyber Security Engineer
1 month ago
New York, United States Eleven Recruiting Full timeJob Overview: We are seeking a proactive and skilled Lead Cyber Security Engineer to join our expanding team. This role is ideal for someone with strong leadership attributes who can help build and enhance our Security Operations Center (SOC). You will play a critical role in developing processes, metrics, and integration strategies, focusing on blue team...
-
Lead Cyber Security Engineer
4 weeks ago
New York, United States Eleven Recruiting Full timeJob Overview: We are seeking a proactive and skilled Lead Cyber Security Engineer to join our expanding team. This role is ideal for someone with strong leadership attributes who can help build and enhance our Security Operations Center (SOC). You will play a critical role in developing processes, metrics, and integration strategies, focusing on blue team...
-
Cyber Security Engineering Team Lead
2 weeks ago
New York, New York, United States Capital One Full timeAbout Capital OneCapital One is a leading financial institution seeking a highly skilled Senior Director of Software Engineering to lead our Cyber Software Engineering teams. We are dedicated to innovation and excellence, and this role will play a critical part in driving our security capabilities forward.Job SummaryWe are looking for a seasoned technical...
-
Cyber Security Engineering Team Lead
4 weeks ago
New York, New York, United States City of New York Full timeCyber Security Engineering Team LeadThe City of New York is seeking an experienced Cyber Security Engineering Team Lead to lead a Cyber Security Engineering team. The ideal candidate will have strong technical acumen, a proven ability to lead and mentor a team in a dynamic and fast-paced environment, and excellent communication skills.Key...
-
Cyber Security Engineer
4 weeks ago
New Berlin, Wisconsin, United States Eversource Full timeCyber Security Engineer RoleThis is a hybrid role with a mix of office and remote work. The first three months are full-time in the office. Our team is looking for a cyber security engineer with an analytical mind and a detailed understanding of cybersecurity methodologies.Cyber security engineers are expected to have meticulous attention to detail,...
-
Lead Cyber Security Engineer
4 weeks ago
new york city, United States Eleven Recruiting Full timeJob Overview: We are seeking a proactive and skilled Lead Cyber Security Engineer to join our expanding team. This role is ideal for someone with strong leadership attributes who can help build and enhance our Security Operations Center (SOC). You will play a critical role in developing processes, metrics, and integration strategies, focusing on blue team...
-
Lead Cyber Security Engineer
1 month ago
new york city, United States Eleven Recruiting Full timeJob Overview: We are seeking a proactive and skilled Lead Cyber Security Engineer to join our expanding team. This role is ideal for someone with strong leadership attributes who can help build and enhance our Security Operations Center (SOC). You will play a critical role in developing processes, metrics, and integration strategies, focusing on blue team...
-
Cyber Security Expert
4 weeks ago
New York, New York, United States Deloitte Touche Tohmatsu Services, LLC Full timeDeloitte Touche Tohmatsu Services, LLC seeks a highly skilled Cyber Security Expert to support the Deloitte Security Operations team in detecting and remediating cyber threats across the internal global Deloitte network.Working in a world-class Global Security Operations Center, the main responsibilities include handling cyber security incidents, performing...
-
Cyber Security Specialist
4 weeks ago
New York, New York, United States Sumitomo Mitsui Financial Group, Inc. Full timeJob SummaryThe Security Testing Engineer will be responsible for executing within our Cyber Resilience Exercise program designed to increase cyber resilience capabilities and preparedness across various businesses, group companies, and functions of the bank. This role will support partnerships for exercises such as cyber scenario exercising and cyber...
-
Cyber Security Specialist
4 weeks ago
New York, New York, United States Sumitomo Mitsui Financial Group, Inc. Full timeJob SummaryWe are seeking a highly skilled Cyber Security Specialist to join our team at Sumitomo Mitsui Financial Group, Inc. The ideal candidate will have a strong background in security testing and a passion for staying up-to-date with the latest threats and technologies.Key ResponsibilitiesAnalyze IT infrastructure, systems, and applications for...
-
Senior Sales Systems Engineer
4 weeks ago
New York, New York, United States Stellar Cyber Full timeJob Description:Stellar Cyber is a fast-growing Cybersecurity company focused on delivering holistic cyberattack protection to organizations while significantly reducing total costs of ownership with its innovative Open XDR platform based on advanced ML and security technologies. Stellar Cyber has been recognized by Gartner as one of the leading XDR...
-
Cyber Security Analyst
4 weeks ago
New York, New York, United States City of New York Full timeCyber Security Analyst Job DescriptionThe City of New York is seeking a highly skilled Cyber Security Analyst to join its IT Services Division. As a Cyber Security Analyst, you will play a critical role in implementing cybersecurity policies, standards, directives, and guidelines that align with citywide cyber policies.Key Responsibilities:Assist in liaising...
-
Cyber Security Specialist
4 weeks ago
New York, New York, United States SAIC Full timeJob SummarySAIC is seeking highly skilled Cyber Engineers to support the Space Development Agency (SDA) Advanced Fire Control Ground Infrastructure (AFCGI) program. This position requires an active TS/SCI security clearance and is a hybrid remote role with occasional work at local SAIC sites and travel to customer sites.Key Responsibilities Apply engineering...
-
Cyber Security Product Manager
4 weeks ago
New York, New York, United States Capital One Services, LLC Full timeAbout the Role:Capital One is seeking a highly skilled Cyber Security Product Manager to join our team. As a Cyber Security Product Manager, you will be responsible for driving the development and delivery of our cyber security products and solutions.Key Responsibilities:Develop and maintain a deep understanding of our cyber security products and...
-
Cyber Security Engineer Intern
3 weeks ago
New York, United States Intuit Inc Full timeOverview This position is intended for students in a degree-seeking program to which they will return to school at the end of the summer internship in 2025, with a graduation date of Winter 2025 or later. If you do not meet these minimum criteria, please revisit our careers site for other opportunities. ** At Intuit, we want to invest in the next...
