HRUCKUS | Senior Security Engineer | new york city, ny

Veteran Firm Seeking Senior Security Engineer for an Onsite Role in New York, NYMy name is Stephen Hrutka. I lead a Veteran-owned consulting firm in Washington, DC, focused on strategic sourcing, supply chain management, and IT Staffing.We seek to fill a Senior Security Engineer role for the New York City Office of Technology and Innovation (NYC OTI). The ideal candidate is a NY resident who has 12+ years of experience in information security, 8+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management, and a Bachelor's degree in Computer Science or Information Systems or equivalent work experience.If you're interested, I'll gladly provide more details about the role and discuss your qualifications further.Thanks,Stephen M HrutkaPrincipal ConsultantSummary: HRUCKUS is seeking a Senior Security Engineer to support the New York City Office of Technology and Innovation (NYC OTI) for an onsite role in New York, NY. Position Description: The Senior Security Engineer is essential to securing the City of New York's systems for the MyCity Portal development project. This requires strong security controls over cloud identities and endpoint devices. Hardening cloud ecosystems through well-designed frameworks is critical in protecting the City of New York's systems and data from various cyber-attacks.Tasks:Perform organization-wide cybersecurity risk analysis and maintain updates on the identified risksCreate, socialize, and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organizationCreate and follow a process to track progress against cybersecurity plansLead the implementation of cybersecurity initiatives for MyCity Portal development projectCreate network architecture diagrams, collect communication flow information, and build high-level and low-level design documentsWork on complex network problems, interact with vendor support teams and drive the issue to resolutionTranslate compliance requirements into specific security controls and present compensating security controlsReport to upper management on current cybersecurity posture and progress on mitigating identified risksIdentify cybersecurity gaps and maintain a risk registerCreate metrics to measure cybersecurity control efficacyWork with partners to create and maintain incident response plansMonitor and respond to alertsReview and optimize existing cybersecurity controlsEnsure the organization's compliance with cybersecurity best practices, policies, and standardsEnforce endpoint security standardsAnalyze vulnerabilities and work with Application Development, IT, and Systems teams to ensure timely remediation and validationPerform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design, and application developmentInstruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environmentsMandatory SkillsExperience:Bachelor's degree in Computer Science, Information Systems, or equivalent work experienceAt least 12+ years of experience in information securityAt least 8+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project managementAt least 8+ years of experience with networking, load-balancing, DNS, TLSSSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity managementAt least 4+ years of experience working in a cloud environment (Azure, AWS, GCP)At least 4+ years of experience working in securing Internet-facing applications, utilizing WAF technologies (e.g., Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, Azure FrontDoor, AWS CloudFront, and WAF, and similar reverse-proxy technologies)At least 4+ years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.At least 4+ years of experience architecting, deploying, and managing endpoint security and EDR technologyAt least 4+ years of experience using scripting languages (Python, Bash, PowerShell, etc.)At least 4+ years of experience with Windows, Linux, or MacOS administrationAt least 4+ years of experience working with vulnerability management and scanning toolsAt least 4+ years of experience working with application scanning toolsDesirable skillsexperience:Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environmentsExperience in implementing and operating Data Loss Prevention SystemsExperience in information security principles and practices, especially the implementation of practical technical controls to support organization policyStrong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle and compensating controlsStrong understanding of cloud-based services such as O365, AzureAD, IAM, Entra IDStrong understanding of CIS controlsExperience with Syslog-NG, LogScale (Humio), or similar SIEMlog aggregation systemsExperience with SSO products and services such as Entra ID, PingFederate, or OktaExperience with NetSkope, Zscaler, Palo Alto Networks Prisma Access, or similar cloud proxiesFamiliarly with CASBSASE productsExperience with Cloud-based EDRXDR toolsKnowledge of endpoint security management, configuration policies, and proceduresExperience with asset management and on-premcloud-based vulnerability management toolsHighly flexiblewilling to learn new technologiesHighly organized with excellent analytical, problem-solving solving, and decision-making skillsExcellent communication and collaboration skillsPosition Details:Work Location: 80 Maiden Lane, New York, NY 10038Scheduled Work Hours: 35 hoursweekDuration of Contract: 12 monthsTarget Hourly Pay Rate: $93hour

Created: 2024-11-25