Security Engineer / Analyst

This range is provided by Howard-Sloan Search. Your actual pay will be based on your skills and experience "” talk with your recruiter to learn more. Base pay range $120,000.00/yr - $140,000.00/yr Sr. Technical Recruiter - at Howard-Sloan Search Our Client: Leading investment firm in NY, NY is seeking IT Security Engineer / Analyst to join their team for Full Time role in their midtown NY location with hybrid work schedule model (3 Days in Office - 2 days remote). This FT role requires valid US authorization for Permanent employment and considers local candidates to New York area. About the role: As an IT Security Engineer / Analyst, you will be a part of a team in protecting the firm's digital assets through proactive Threat detection, Vulnerability management, remediations, and Incident Response. You will work closely with the Security Operations and IT teams to identify, assess, and remediate security threats while ensuring rapid and effective response to security incidents (ServiceNow). You thrive in a fast-paced environment where you can apply your security expertise to defend against evolving cyber threats. Responsibilities: Participate in incident response activities including threat detection, investigation, containment, and remediation of security events across the enterprise environment. Create vulnerability management processes including automated scanning and assessment workflows. Lead vulnerability assessment programs, including regular scanning, penetration testing, and security architecture reviews. Design and implement security monitoring solutions to detect and alert on potential threats and anomalous activities. Establish reporting mechanisms to track program effectiveness and security posture improvements. Develop security runbooks and document repository for all security operations, incident response scenarios, and critical security events. Drive continuous improvement of security monitoring capabilities, including use case development, alert tuning, and automation of response procedures. Maintain runbooks with new threats, tools, and procedures. Coordinate with IT teams to establish patch management processes and security hardening standards. Work with business units to ensure vulnerability management aligns with business objectives. Participate in on-call rotation for security incident response. Qualifications: Minimum of 4 years' hands-on experience in security operations, threat management, or vulnerability management in the financial industry. Experience with risk management frameworks and security best practices. Strong technical writing skills with experience creating technical documentation and process workflows. Knowledge of cyber threats, attack methodologies, and defensive strategies. Strong analytical and problem-solving skills with the ability to work under pressure. Bachelor's degree in computer science, Cybersecurity, or related field. Preferred: Industry certifications: CISSP, GCIH, GCIA, CEH, or OSCP. Compensation: The expected base salary for this position ranges from $120,000 - $140,000 per year and may include an annual discretionary performance-based bonus, competitive total compensation, and generous retirement plan contributions. Health and Welfare benefits (medical, dental, vision, life and disability) are also included. Seniority level Associate Employment type Full-time Job function Information Technology Industries Investment Management #J-18808-Ljbffr

Created: 2025-03-06