CyberTec
Sr Security Engineer - Onsite !
CyberTec, New York, New York, us, 10261
Job Title :
Sr Security EngineerLocation: 80 Maiden Lane, New York, NY 10038Job Type : Onsite 100%Duration 12 MonthsOpening : 1 Opening !
Note:
This is 100% onsite position
The resource's function is essential to securing the City of New York's systems for the MyCity Portal development project. This requires strong security controls over cloud identities and endpoint devices. The hardening of cloud ecosystems through well-designed frameworks is critical in protecting the City of New York systems and data from various cyberattacks.
MyCity is a single portal for all City services and benefits. The vision is a simple, seamless, and intuitive experience interacting with City government digitally. It will be designed with New Yorkers at the center of the process to prioritize features by conducting user research. MyCity will produce value for New Yorkers, early and often through phased releases. There are several phases planned within the MyCity portal workstream (Child Care, Business Portal, Workforce Development Services, and others). This resource will work on all planned phases.
As the cyber threat landscape is evolving Citywide cybersecurity solutions are deployed in large, complex networked environments. The resource requires specialized resource skill set is specialized: to providing guidance at various stages of planning and implementing security design, processes and solutions, and pivot between numerous technical projects communicating status at various leadership levels. The resource will have significant interaction with NYC Cyber Command leadership, its engineering and architecture teams, incident response and other cyber security practitioners.
RESPONSIBILITIESLead the implementation of cybersecurity initiatives for MyCity Portal development projectPerform organization- wide cybersecurity risk analysis and maintain updates on the identified risksCreate, socialize, and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization.Create and follow a process to track progress against cybersecurity plansCreate network architecture diagrams, collect communication flow information, and build high level and low-level design documentsWork on complex network problems, interact with vendor support teams, and drive the issue to resolutionTranslate compliance requirements into specific security controls and present compensating security controlsReport to upper management on current cybersecurity posture and progress on mitigating identified risksIdentify cybersecurity gaps and maintain a risk registerCreate metrics to measure cybersecurity controls efficacyWork with partners to create and maintain incident response plansMonitor and respond to alertsReview and optimize existing cybersecurity controlsEnsure the organization compliance with cybersecurity best practices, policies and standardsEnforce endpoint security standardsAnalyze vulnerabilities and work with Application Development, IT and Systems teams to ensure timely remediation and validationPerform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design and /or application developmentInstruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environmentsMANDATORY SKILLS/EXPERIENCENote:
Candidates who do not have the mandatory skills will not be considered
Bachelor's degree in Computer Science, Information Systems, or equivalent work experienceAt least 12+ years of experience in information securityAt least 8+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project managementAt least 8+ years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML, Kerberos, MFA technologies, and Identity managementAt least 4+ years of experience working in cloud environment (Azure, AWS, GCP)At least 4+ years of experience working in securing Internet-facing applications, utilizing WAF technologies (e.g. Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, AWS CloudFront and WAF)At least 4+ years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.At least 4+ years of experience architecting, deploying, and managing endpoint security and EDR technology.At least 4+ years of experience using scripting languages (Python, Bash, PowerShell, etc.)At least 4+ years of experience with Windows, Linux, or MacOS administrationAt least 4+ years of experience working with vulnerability management and scanning tools.
DESIRABLE SKILLS
Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environmentsExperience in implementing and operating Data Loss Prevention SystemsExperience of information security principles and practices, especially the implementation of practical technical controls to support organization policy.Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controlsStrong understanding of cloud-based services such as O365, AzureAD, IAMStrong understanding of CIS controlsExperience with Syslog-NG, Splunk, Humio or similar SIEM/log aggregation systemsExperience with SSO products and services such as PingFederate or OktaExperience with NetSkope, Zscaler or similar cloud proxiesFamiliarly with CASB/SASE productsExperience with Cloud-based EDR toolsKnowledge of endpoint security management, configuration policies, and proceduresExperience with asset management and on-prem/cloud-based vulnerability management toolsHighly flexible/willing to learn new technologies.Highly organized with excellent analytical, problem solving and decision-making skills.Excellent communication and collaboration skills
Note:
Occasional support outside of core business hours to accommodate 24/7/365 operation
Sr Security EngineerLocation: 80 Maiden Lane, New York, NY 10038Job Type : Onsite 100%Duration 12 MonthsOpening : 1 Opening !
Note:
This is 100% onsite position
The resource's function is essential to securing the City of New York's systems for the MyCity Portal development project. This requires strong security controls over cloud identities and endpoint devices. The hardening of cloud ecosystems through well-designed frameworks is critical in protecting the City of New York systems and data from various cyberattacks.
MyCity is a single portal for all City services and benefits. The vision is a simple, seamless, and intuitive experience interacting with City government digitally. It will be designed with New Yorkers at the center of the process to prioritize features by conducting user research. MyCity will produce value for New Yorkers, early and often through phased releases. There are several phases planned within the MyCity portal workstream (Child Care, Business Portal, Workforce Development Services, and others). This resource will work on all planned phases.
As the cyber threat landscape is evolving Citywide cybersecurity solutions are deployed in large, complex networked environments. The resource requires specialized resource skill set is specialized: to providing guidance at various stages of planning and implementing security design, processes and solutions, and pivot between numerous technical projects communicating status at various leadership levels. The resource will have significant interaction with NYC Cyber Command leadership, its engineering and architecture teams, incident response and other cyber security practitioners.
RESPONSIBILITIESLead the implementation of cybersecurity initiatives for MyCity Portal development projectPerform organization- wide cybersecurity risk analysis and maintain updates on the identified risksCreate, socialize, and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization.Create and follow a process to track progress against cybersecurity plansCreate network architecture diagrams, collect communication flow information, and build high level and low-level design documentsWork on complex network problems, interact with vendor support teams, and drive the issue to resolutionTranslate compliance requirements into specific security controls and present compensating security controlsReport to upper management on current cybersecurity posture and progress on mitigating identified risksIdentify cybersecurity gaps and maintain a risk registerCreate metrics to measure cybersecurity controls efficacyWork with partners to create and maintain incident response plansMonitor and respond to alertsReview and optimize existing cybersecurity controlsEnsure the organization compliance with cybersecurity best practices, policies and standardsEnforce endpoint security standardsAnalyze vulnerabilities and work with Application Development, IT and Systems teams to ensure timely remediation and validationPerform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design and /or application developmentInstruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environmentsMANDATORY SKILLS/EXPERIENCENote:
Candidates who do not have the mandatory skills will not be considered
Bachelor's degree in Computer Science, Information Systems, or equivalent work experienceAt least 12+ years of experience in information securityAt least 8+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project managementAt least 8+ years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML, Kerberos, MFA technologies, and Identity managementAt least 4+ years of experience working in cloud environment (Azure, AWS, GCP)At least 4+ years of experience working in securing Internet-facing applications, utilizing WAF technologies (e.g. Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, AWS CloudFront and WAF)At least 4+ years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.At least 4+ years of experience architecting, deploying, and managing endpoint security and EDR technology.At least 4+ years of experience using scripting languages (Python, Bash, PowerShell, etc.)At least 4+ years of experience with Windows, Linux, or MacOS administrationAt least 4+ years of experience working with vulnerability management and scanning tools.
DESIRABLE SKILLS
Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environmentsExperience in implementing and operating Data Loss Prevention SystemsExperience of information security principles and practices, especially the implementation of practical technical controls to support organization policy.Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controlsStrong understanding of cloud-based services such as O365, AzureAD, IAMStrong understanding of CIS controlsExperience with Syslog-NG, Splunk, Humio or similar SIEM/log aggregation systemsExperience with SSO products and services such as PingFederate or OktaExperience with NetSkope, Zscaler or similar cloud proxiesFamiliarly with CASB/SASE productsExperience with Cloud-based EDR toolsKnowledge of endpoint security management, configuration policies, and proceduresExperience with asset management and on-prem/cloud-based vulnerability management toolsHighly flexible/willing to learn new technologies.Highly organized with excellent analytical, problem solving and decision-making skills.Excellent communication and collaboration skills
Note:
Occasional support outside of core business hours to accommodate 24/7/365 operation