TSR Consulting
Senior Security Analyst
TSR Consulting, New York, New York, us, 10261
About TSR:
TSR is a relationship-based, customer-focused IT and technical services staffing company.
For over 40 years TSR, Inc. and its wholly owned subsidiary, TSR Consulting Services, have prospered in the Information Technology staffing business, earning the respect of companies both large and small with well refined candidate screening, timely placement, and a real understanding of the right skill sets required by our clients.
Mission & Vision
We do not believe in building a vision around the company but building a company around our vision, which is simply;
Every employee's voice matters, their effort is appreciated, and their talent is rewarded.
We challenge each employee daily, to raise the bar on how we treat our consultants and candidates. For far too long in this industry, candidates have been ghosted, lied to, or placed at a client and then forgotten about. Each day our staff works tirelessly at qualifying and placing, top talent with our clients, in a compassionate and caring manner.
Not every candidate is a match for the job, but every candidate and consultant will be treated with respect and professionalism.
Senior Security Analyst
Job Description
Location: New York, New YorkType: ContractJob #80593Our client, a leading utilities company, is hiring a
Senior Security Analyst,
on a contract basis.
Job ID #: 80593
Work Location:New York, NY
Summary:Under the general guidance of the IT/Security Architect or Systems Manager, the candidate will be responsible for evaluating and implementing new technologies, analyzing cybersecurity related components and controls associated to the product, process and solution, and identify and resolve potential issues to help enhance and secure a large enterprise network. The position requires a broad foundation of IT/Security architectural experience with an understanding of Internet, server/storage technologies, cloud services/integrations are a must. The candidate will be responsible for designing complex and innovative solutions addressing vulnerability detection, threat and risk analysis, network intrusion, securing technology assets across the application, infrastructure, cloud and data tiers and development/implementation of vulnerability mitigation strategies. This is a hands-on team member who actively works with various teams including security, infrastructure and development teams to improve our overall security standards. This position is expected to be the last level of technical escalation within the company for the assigned responsibilities.
Responsibilities:
Guides Cyber Governance and Information Protection team and makes informed security decisions on the design of infrastructure, systems and applications.Works with tech leads and teams to ensure security is built into app development, network infrastructure and cloud systems. Work with necessary Information Technology groups to satisfy specific technology related issues. Act as an Information Security liaison between the customers and all groups in Information TechnologyImplements industry leading practices around cyber risks and Cloud security and perform security assessments of cloud platforms/environments using industry standard frameworks such as ISO, CSA-CSM and NISTDesigns and develops security policies, standards and procedures e.g. firewall rules, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management.Identifies software weaknesses that could lead to exploitable vulnerabilities such as SQL injection, cross-site scripting, cross-site request forgery, buffer overflows, use of hard-coded passwords, weak encryption, sensitive data.Seasoned professional with detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation. Can advise on architecture decisions at technical and product level.Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols.Experience working with Cloud security posture management tools.Constantly looking for better ways of solving security problems and designing the solution, not afraid of challenging the status quo.Respond swiftly to all alerts, performing initial risk/impact assessments or escalating issues as appropriateFollow change management controls and guidelines.Support operating organizations during corporate emergencies. Participate in the Company's emergency management processes, cyber security and storm plans.Perform other related tasks and assignments as required.
TSR is a relationship-based, customer-focused IT and technical services staffing company.
For over 40 years TSR, Inc. and its wholly owned subsidiary, TSR Consulting Services, have prospered in the Information Technology staffing business, earning the respect of companies both large and small with well refined candidate screening, timely placement, and a real understanding of the right skill sets required by our clients.
Mission & Vision
We do not believe in building a vision around the company but building a company around our vision, which is simply;
Every employee's voice matters, their effort is appreciated, and their talent is rewarded.
We challenge each employee daily, to raise the bar on how we treat our consultants and candidates. For far too long in this industry, candidates have been ghosted, lied to, or placed at a client and then forgotten about. Each day our staff works tirelessly at qualifying and placing, top talent with our clients, in a compassionate and caring manner.
Not every candidate is a match for the job, but every candidate and consultant will be treated with respect and professionalism.
Senior Security Analyst
Job Description
Location: New York, New YorkType: ContractJob #80593Our client, a leading utilities company, is hiring a
Senior Security Analyst,
on a contract basis.
Job ID #: 80593
Work Location:New York, NY
Summary:Under the general guidance of the IT/Security Architect or Systems Manager, the candidate will be responsible for evaluating and implementing new technologies, analyzing cybersecurity related components and controls associated to the product, process and solution, and identify and resolve potential issues to help enhance and secure a large enterprise network. The position requires a broad foundation of IT/Security architectural experience with an understanding of Internet, server/storage technologies, cloud services/integrations are a must. The candidate will be responsible for designing complex and innovative solutions addressing vulnerability detection, threat and risk analysis, network intrusion, securing technology assets across the application, infrastructure, cloud and data tiers and development/implementation of vulnerability mitigation strategies. This is a hands-on team member who actively works with various teams including security, infrastructure and development teams to improve our overall security standards. This position is expected to be the last level of technical escalation within the company for the assigned responsibilities.
Responsibilities:
Guides Cyber Governance and Information Protection team and makes informed security decisions on the design of infrastructure, systems and applications.Works with tech leads and teams to ensure security is built into app development, network infrastructure and cloud systems. Work with necessary Information Technology groups to satisfy specific technology related issues. Act as an Information Security liaison between the customers and all groups in Information TechnologyImplements industry leading practices around cyber risks and Cloud security and perform security assessments of cloud platforms/environments using industry standard frameworks such as ISO, CSA-CSM and NISTDesigns and develops security policies, standards and procedures e.g. firewall rules, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management.Identifies software weaknesses that could lead to exploitable vulnerabilities such as SQL injection, cross-site scripting, cross-site request forgery, buffer overflows, use of hard-coded passwords, weak encryption, sensitive data.Seasoned professional with detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation. Can advise on architecture decisions at technical and product level.Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols.Experience working with Cloud security posture management tools.Constantly looking for better ways of solving security problems and designing the solution, not afraid of challenging the status quo.Respond swiftly to all alerts, performing initial risk/impact assessments or escalating issues as appropriateFollow change management controls and guidelines.Support operating organizations during corporate emergencies. Participate in the Company's emergency management processes, cyber security and storm plans.Perform other related tasks and assignments as required.