Bessemer Trust
Information Security Engineer
Bessemer Trust, Woodbridge, New Jersey, us, 07095
The Information Security Engineer will be responsible for supporting, configuring, and deploying security solutions that protect the business, but also allow the business to execute and innovate. Working closely with, but not limited to, the Technology Operations and Application Delivery teams to secure and monitor IT infrastructure and applications. A solid understanding of information security principles and hands-on experience of host configuration, networking, operating systems, and cloud infrastructure is required. The candidate is expected to implement defenses to prevent and detect resilient adversaries from accessing corporate resources. Lastly, the position requires ongoing evaluation of implemented solutions as the security program evolves and the threat landscape changes.
Primary Responsibilities:
Research, validate and deploy solutions to meet security and business requirementsMaintain an up-to-date level of knowledge related to security threats, attack techniques, vulnerabilities, and mitigationsWork closely with infrastructure teams to advise and recommend tactical options to reduce attack surface, containment alternatives and impede attackers and limit exposure to new threats in the wild and verify the organization's security posture against themCollaborate with cross-functional teams to assess new vendors, evaluate their security controls, and identify potential risks to ensure alignment with the firm's security standards and risk tolerance.Help maintain a consistent, secure environment using configuration management solutions (e.g., TripWire, PowerShell Desired State.). Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accountsCollaborate with cloud and application teams to secure cloud assets and mitigate threats across the development and production cloud environments.Design, implement, and manage network segmentation and micro-segmentation strategies to isolate and protect critical assetsConfigure and manage secure web gateways/internet proxies to mitigate threats and data risksMonitor and secure enterprise databases against unauthorized or inappropriate accessProactively participate in incident response, forensics, troubleshooting and other security issues according to established proceduresInterface with Internal Audit to proactively manage any identified issues so they are addressed in a prompt and efficient mannerQualifications:
Bachelor's degree and at least 4-6 years of cybersecurity experience supporting Security Operations or Information Security teamsDeep understanding of Active Directory, server, endpoint, and network configurations with regards to risks and industry best practicesExperience with Cloud Security Posture Management (CSPM) concepts, best practices, and platforms (e.g., Wiz.io, Orca Security, Aqua Security)Experience with securing public cloud infrastructure assets, including serverless infrastructure, containers, container registries and Kubernetes (e.g., Docker, AWS ECS, AWS EKS, AWS Fargate).Experience with OS baselines and configuration management processes and platforms (e.g., Tripwire CCM)Experience with scripting languages such as Python or PowerShellExperience with database activity monitoring processes, best practices, and platforms (e.g., Imperva SecureSphere, IBM Guardium)Familiar with Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE), Secure Web Gateways (SWG) and Cloud Access Security Brokers (CASB) technologies and platforms (e.g., Zscaler, NetSkope, Palo Alto Prisma Access, Symantec Web Security Service)Familiar with network segmentation and micro-segmentation best practices and platforms (e.g., Illumio, GuardiCore).Familiar with anti-malware and Endpoint Detection and Response (EDR) platforms (e.g., SentinelOne, CrowdStrike, Microsoft Defender)Familiar with Data Loss Prevention (DLP) principles, best practices and platforms (e.g., Symantec DLP, Digital Guardian, Forcepoint DLP)Familiar with Web Application Firewalls (WAF), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Next-Generation Firewall capabilities and configuration.GSEC, GCIH, GCIA, GCFE, or CISSP preferable but not required
Primary Responsibilities:
Research, validate and deploy solutions to meet security and business requirementsMaintain an up-to-date level of knowledge related to security threats, attack techniques, vulnerabilities, and mitigationsWork closely with infrastructure teams to advise and recommend tactical options to reduce attack surface, containment alternatives and impede attackers and limit exposure to new threats in the wild and verify the organization's security posture against themCollaborate with cross-functional teams to assess new vendors, evaluate their security controls, and identify potential risks to ensure alignment with the firm's security standards and risk tolerance.Help maintain a consistent, secure environment using configuration management solutions (e.g., TripWire, PowerShell Desired State.). Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accountsCollaborate with cloud and application teams to secure cloud assets and mitigate threats across the development and production cloud environments.Design, implement, and manage network segmentation and micro-segmentation strategies to isolate and protect critical assetsConfigure and manage secure web gateways/internet proxies to mitigate threats and data risksMonitor and secure enterprise databases against unauthorized or inappropriate accessProactively participate in incident response, forensics, troubleshooting and other security issues according to established proceduresInterface with Internal Audit to proactively manage any identified issues so they are addressed in a prompt and efficient mannerQualifications:
Bachelor's degree and at least 4-6 years of cybersecurity experience supporting Security Operations or Information Security teamsDeep understanding of Active Directory, server, endpoint, and network configurations with regards to risks and industry best practicesExperience with Cloud Security Posture Management (CSPM) concepts, best practices, and platforms (e.g., Wiz.io, Orca Security, Aqua Security)Experience with securing public cloud infrastructure assets, including serverless infrastructure, containers, container registries and Kubernetes (e.g., Docker, AWS ECS, AWS EKS, AWS Fargate).Experience with OS baselines and configuration management processes and platforms (e.g., Tripwire CCM)Experience with scripting languages such as Python or PowerShellExperience with database activity monitoring processes, best practices, and platforms (e.g., Imperva SecureSphere, IBM Guardium)Familiar with Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE), Secure Web Gateways (SWG) and Cloud Access Security Brokers (CASB) technologies and platforms (e.g., Zscaler, NetSkope, Palo Alto Prisma Access, Symantec Web Security Service)Familiar with network segmentation and micro-segmentation best practices and platforms (e.g., Illumio, GuardiCore).Familiar with anti-malware and Endpoint Detection and Response (EDR) platforms (e.g., SentinelOne, CrowdStrike, Microsoft Defender)Familiar with Data Loss Prevention (DLP) principles, best practices and platforms (e.g., Symantec DLP, Digital Guardian, Forcepoint DLP)Familiar with Web Application Firewalls (WAF), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Next-Generation Firewall capabilities and configuration.GSEC, GCIH, GCIA, GCFE, or CISSP preferable but not required