Bessemer Trust Company
Information Security Engineer
Bessemer Trust Company, Woodbridge, New Jersey, us, 07095
The Information Security Engineer will be responsible for supporting, configuring, and deploying security solutions that protect the business, but also allow the business to execute and innovate. Working closely with, but not limited to, the Technology Operations and Application Delivery teams to secure and monitor IT infrastructure and applications. A solid understanding of information security principles and hands-on experience of host configuration, networking, operating systems, and cloud infrastructure is required. The candidate is expected to implement defenses to prevent and detect resilient adversaries from accessing corporate resources. Lastly, the position requires ongoing evaluation of implemented solutions as the security program evolves and the threat landscape changes.
If the following job requirements and experience match your skills, please ensure you apply promptly.
Primary Responsibilities:
Research, validate and deploy solutions to meet security and business requirements Maintain an up-to-date level of knowledge related to security threats, attack techniques, vulnerabilities, and mitigations Work closely with infrastructure teams to advise and recommend tactical options to reduce attack surface, containment alternatives and impede attackers and limit exposure to new threats in the wild and verify the organization’s security posture against them Collaborate with cross-functional teams to assess new vendors, evaluate their security controls, and identify potential risks to ensure alignment with the firm's security standards and risk tolerance. Help maintain a consistent, secure environment using configuration management solutions (e.g., TripWire, PowerShell Desired State.). Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts Collaborate with cloud and application teams to secure cloud assets and mitigate threats across the development and production cloud environments. Design, implement, and manage network segmentation and micro-segmentation strategies to isolate and protect critical assets Configure and manage secure web gateways/internet proxies to mitigate threats and data risks Monitor and secure enterprise databases against unauthorized or inappropriate access Proactively participate in incident response, forensics, troubleshooting and other security issues according to established procedures Interface with Internal Audit to proactively manage any identified issues so they are addressed in a prompt and efficient manner
Qualifications:
Bachelor’s degree and at least 4-6 years of cybersecurity experience supporting Security Operations or Information Security teams Deep understanding of Active Directory, server, endpoint, and network configurations with regards to risks and industry best practices Experience with Cloud Security Posture Management (CSPM) concepts, best practices, and platforms (e.g., Wiz.io, Orca Security, Aqua Security) Experience with securing public cloud infrastructure assets, including serverless infrastructure, containers, container registries and Kubernetes (e.g., Docker, AWS ECS, AWS EKS, AWS Fargate). Experience with OS baselines and configuration management processes and platforms (e.g., Tripwire CCM) Experience with scripting languages such as Python or PowerShell Experience with database activity monitoring processes, best practices, and platforms (e.g., Imperva SecureSphere, IBM Guardium) Familiar with Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE), Secure Web Gateways (SWG) and Cloud Access Security Brokers (CASB) technologies and platforms (e.g., Zscaler, NetSkope, Palo Alto Prisma Access, Symantec Web Security Service) Familiar with network segmentation and micro-segmentation best practices and platforms (e.g., Illumio, GuardiCore). Familiar with anti-malware and Endpoint Detection and Response (EDR) platforms (e.g., SentinelOne, CrowdStrike, Microsoft Defender) Familiar with Data Loss Prevention (DLP) principles, best practices and platforms (e.g., Symantec DLP, Digital Guardian, Forcepoint DLP) Familiar with Web Application Firewalls (WAF), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Next-Generation Firewall capabilities and configuration. GSEC, GCIH, GCIA, GCFE, or CISSP preferable but not required
About Bessemer Trust Bessemer Trust is a leading multifamily office, overseeing more than $200 billion in assets for 3,000 individuals and families of substantial wealth. Its 1,200 employees are singularly focused on private wealth management — disciplined investment management, sophisticated wealth planning, comprehensive family office services, and highly personalized client service.
Established in 1907 as the family office for Annie and Henry Phipps, Bessemer Trust is in its seventh generation of ownership by the Phipps family. As a self-made entrepreneur, Henry Phipps was a founding partner and chief financial officer of Carnegie Steel.
Bessemer Trust retains its original focus as a privately owned and independent wealth manager deeply committed to its mission of providing peace of mind to its clients. Bessemer's adherence to putting clients' interests first, fiduciary mindset, and highly collaborative culture are at the heart of everything the firm does.
Key Facts
For 117 years, Bessemer Trust has operated continuously in a single line of business, independently owned by one family. Headquartered in New York’s Rockefeller Center, Bessemer Trust has 22 offices in total. Woodbridge, NJ, is one of the firm’s largest offices, which hosts a wide range of technology and operations professionals. In addition to its sizable presence in New York and Woodbridge, the firm provides client service through offices in Atlanta, Boston, Chicago, Dallas, Delaware, Denver, Garden City, Grand Cayman, Greenwich, Houston, Los Angeles, Miami, Naples, Nevada, Palm Beach, San Diego, San Francisco, Seattle, Stuart, and Washington, D.C. To watch a video about Bessemer Trust’s history, click here. To learn more about Bessemer Trust, click here.
About Our Employee Rewards and Benefits
We provide exceptional rewards and benefits that are among the best in the industry, giving our people access to a wide range of options, including:
Competitive base salary plus discretionary annual bonus for select positions A 401(k) plan with a generous annual profit-sharing contribution Personalized development and career opportunities, including tuition reimbursement support Comprehensive medical, dental, and vision plans with zero contributions for employee coverage Employee assistance (EAP) and wellness programs Hybrid work environment: 60% in office, 40% remote for most positions Paid time off and paid parental leave Employer-paid life insurance and short- and long-term disability coverage Legal services and financial wellness plans at no cost to employees
Bessemer Trust is committed to creating a diverse and inclusive environment and is proud to be an equal opportunity employer. We encourage candidates of diverse backgrounds to apply.
If the following job requirements and experience match your skills, please ensure you apply promptly.
Primary Responsibilities:
Research, validate and deploy solutions to meet security and business requirements Maintain an up-to-date level of knowledge related to security threats, attack techniques, vulnerabilities, and mitigations Work closely with infrastructure teams to advise and recommend tactical options to reduce attack surface, containment alternatives and impede attackers and limit exposure to new threats in the wild and verify the organization’s security posture against them Collaborate with cross-functional teams to assess new vendors, evaluate their security controls, and identify potential risks to ensure alignment with the firm's security standards and risk tolerance. Help maintain a consistent, secure environment using configuration management solutions (e.g., TripWire, PowerShell Desired State.). Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts Collaborate with cloud and application teams to secure cloud assets and mitigate threats across the development and production cloud environments. Design, implement, and manage network segmentation and micro-segmentation strategies to isolate and protect critical assets Configure and manage secure web gateways/internet proxies to mitigate threats and data risks Monitor and secure enterprise databases against unauthorized or inappropriate access Proactively participate in incident response, forensics, troubleshooting and other security issues according to established procedures Interface with Internal Audit to proactively manage any identified issues so they are addressed in a prompt and efficient manner
Qualifications:
Bachelor’s degree and at least 4-6 years of cybersecurity experience supporting Security Operations or Information Security teams Deep understanding of Active Directory, server, endpoint, and network configurations with regards to risks and industry best practices Experience with Cloud Security Posture Management (CSPM) concepts, best practices, and platforms (e.g., Wiz.io, Orca Security, Aqua Security) Experience with securing public cloud infrastructure assets, including serverless infrastructure, containers, container registries and Kubernetes (e.g., Docker, AWS ECS, AWS EKS, AWS Fargate). Experience with OS baselines and configuration management processes and platforms (e.g., Tripwire CCM) Experience with scripting languages such as Python or PowerShell Experience with database activity monitoring processes, best practices, and platforms (e.g., Imperva SecureSphere, IBM Guardium) Familiar with Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE), Secure Web Gateways (SWG) and Cloud Access Security Brokers (CASB) technologies and platforms (e.g., Zscaler, NetSkope, Palo Alto Prisma Access, Symantec Web Security Service) Familiar with network segmentation and micro-segmentation best practices and platforms (e.g., Illumio, GuardiCore). Familiar with anti-malware and Endpoint Detection and Response (EDR) platforms (e.g., SentinelOne, CrowdStrike, Microsoft Defender) Familiar with Data Loss Prevention (DLP) principles, best practices and platforms (e.g., Symantec DLP, Digital Guardian, Forcepoint DLP) Familiar with Web Application Firewalls (WAF), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Next-Generation Firewall capabilities and configuration. GSEC, GCIH, GCIA, GCFE, or CISSP preferable but not required
About Bessemer Trust Bessemer Trust is a leading multifamily office, overseeing more than $200 billion in assets for 3,000 individuals and families of substantial wealth. Its 1,200 employees are singularly focused on private wealth management — disciplined investment management, sophisticated wealth planning, comprehensive family office services, and highly personalized client service.
Established in 1907 as the family office for Annie and Henry Phipps, Bessemer Trust is in its seventh generation of ownership by the Phipps family. As a self-made entrepreneur, Henry Phipps was a founding partner and chief financial officer of Carnegie Steel.
Bessemer Trust retains its original focus as a privately owned and independent wealth manager deeply committed to its mission of providing peace of mind to its clients. Bessemer's adherence to putting clients' interests first, fiduciary mindset, and highly collaborative culture are at the heart of everything the firm does.
Key Facts
For 117 years, Bessemer Trust has operated continuously in a single line of business, independently owned by one family. Headquartered in New York’s Rockefeller Center, Bessemer Trust has 22 offices in total. Woodbridge, NJ, is one of the firm’s largest offices, which hosts a wide range of technology and operations professionals. In addition to its sizable presence in New York and Woodbridge, the firm provides client service through offices in Atlanta, Boston, Chicago, Dallas, Delaware, Denver, Garden City, Grand Cayman, Greenwich, Houston, Los Angeles, Miami, Naples, Nevada, Palm Beach, San Diego, San Francisco, Seattle, Stuart, and Washington, D.C. To watch a video about Bessemer Trust’s history, click here. To learn more about Bessemer Trust, click here.
About Our Employee Rewards and Benefits
We provide exceptional rewards and benefits that are among the best in the industry, giving our people access to a wide range of options, including:
Competitive base salary plus discretionary annual bonus for select positions A 401(k) plan with a generous annual profit-sharing contribution Personalized development and career opportunities, including tuition reimbursement support Comprehensive medical, dental, and vision plans with zero contributions for employee coverage Employee assistance (EAP) and wellness programs Hybrid work environment: 60% in office, 40% remote for most positions Paid time off and paid parental leave Employer-paid life insurance and short- and long-term disability coverage Legal services and financial wellness plans at no cost to employees
Bessemer Trust is committed to creating a diverse and inclusive environment and is proud to be an equal opportunity employer. We encourage candidates of diverse backgrounds to apply.