Sr. Information Security Engineer

Open Systems Technologies
  • New York, United States
Salary: $200,000/yr

Description

About the job

A law firm is looking for a Sr. Information Security Engineer to join their team in New York, NY.

Compensation: $200-210k

Position is hybrid (mostly remote, but company policy could change to 3 days on-site).

The Senior Information Security Engineer will be responsible for securing and monitoring the firm's network, utilizing a variety of security appliances and tools as well as relying on his/her industry experience and knowledge. The role requires the engineer to assist in optimizing existing security solutions, identifying new security tools and solutions in support of minimizing information security risks. The engineer will also lead efforts related to deployment and operation of information security systems, including integration, testing, troubleshooting, updating/upgrading of various security tools and appliances such as Antivirus, IPS, malware detection tools, DLP, Identity and Access Management and encryption tools. In addition, the role entails working closely with security operations in responding to alerts and incidents and supporting the Manager of Security Operations with daily operational tasks and projects. To best perform this role, the candidate will be required to stay up to date with current vulnerabilities, attacks, and countermeasures, as well as staying current with all security-related news and developments.

Responsibilities:

  • Maintain and enhance existing security systems such as IDS/IPS, Anti-Virus, EPO, SIEM and other cyber-attack detection and analytics tools.
  • Assist with the technical aspect of third-party risk assessments.
  • Work closely with the IT department in troubleshooting various security-related issues and providing guidance in handling security requests.
  • Recommend and implement new security technologies to continuously mature the security program.
  • Perform real-time security log and event analysis and take action to contain and mitigate information security threats. The events will originate from SIEM, DLP, IDS/IPS, antivirus, firewalls and system security logs. Experience in using SIEM technology, packet captures, reports, data visualization, pattern analysis and fine tuning of rules.
  • Identify and address incidents requiring remediation.
  • Create, analyze and develop remediation plans resulting from the identification of vulnerabilities discovered during scheduled scans.
  • Work across teams to accomplish security program goals.
  • Work closely with the Director of Information Security and the Manager of Security Operations to reduce risk and improve the security posture of the firm.

Knowledge, Skills, and Abilities Required:

  • Strong technical and infrastructure background: Advanced knowledge of servers, desktops, firewalls, routers and other network equipment.
  • Strong log analysis and SIEM experience. SPLUNK Administrator or Power User a plus.
  • Strong Incident Response experience: TIER 2/3 CSIRT Analyst.
  • Detail-oriented and able to meet tight deadlines.
  • Excellent written, verbal and interpersonal skills.
  • Highly motivated self-starter with an inquisitive personality.
  • Strong knowledge of information security domains, concepts and principles and familiarity with frameworks such as ISO 27002 and NIST.
  • Penetration testing experience a plus.
  • Familiarity with MITRE ATT&CK framework.

Experience with the following is pertinent to the role:

  • Vulnerability Scanning tools
  • Network Scanning/Management tools
  • Event Log management systems
  • Anti-virus, Anti-spam and other protective tools
  • Encryption products and Open source security-related tools
  • Forensic Tools
  • Malware Analysis
  • Advanced Persistent Threat analysis and mitigation

Education and Experience:

  • Bachelor's degree in related field or discipline.
  • 8+ years of experience in information technology and security.
  • CISSP, CISA, GIAC and other Industry Certifications considered a plus.

Summary

Job Type : Full-time
Designation : Sr. Information Security Engineer
Posted on : 20 February 2024
Department : Information Technology
Salary : $200,000/yr
Qualification : Bachelor's degree in related field or discipline
Work experience : 8
Openings : 12
Email : [email protected]
Contact : (212) 643-3100
Website : https://www.linkedin.com/jobs/view/3826633199/
Application End : 29 February 2024