Skip to content


New York City, NY Contract Posted: Tuesday, 13 February 2018

The Information Security Engineer/Analyst will work under the direction of the Information Security Officer in the implementation and monitoring of security tools and solutions.

This mid-level hands-on role requires someone with 2 to 5 years of Information Security technical experience in a mid size corporate environment. He/She will have a strong understanding of Firewalls, Routers, Switches, IDS, SIEMS, VPN's, Encryption, Vulnerability scans, Anti Virus/Anti Malware tools, VLAN's, Sandbox, DMZ's, Proxies, VMware, Active Directory and Access Control technologies.

Additional responsibilities include assistance with: Maintenance and implementation of the Information Security Policy, Regulation H compliance, Identify theft prevention program, coordination of IT related audits and exams, GLBA assessment, IT Risk assessment, DR, BCP, SOX and overall IT related governance.

- Identify, assess, measure and monitor remediation of information security risks for internal systems, networks, projects and third parties.
- Conduct risk assessments and present results to support management action, escalation and risk acceptance processes.
- Drive the consistent implementation of company-specific policies and procedures in accordance with Client's global and local information security and privacy policies.
- Support the implementation of the information security standards across Clients Branches and Rep Offices.
- Manage security projects and assist with integrating security and risk management best practices into business projects and initiatives.
- Monitor and analyze security controls and logs to identify risks and potential incidents.
- Monitor and analyze security vulnerabilities and propose effective and innovative remediation approaches.
- Collaborate with colleagues to ensure that security tools support the overall security strategy.
- Support the planning and execution of Client's projects by serving as a security advisor and project team member.
- Identify and lead functionality improvements in security tools and their supporting processes.
- Assist in creating Information Security requirements for new products and services.
- Review changes in production systems.

Disaster Recovery -
- Provide IT Security support to the BCP team as needed.
- Participate in BCP tests exercising standard based methodology.

Reporting -
- Monitor, gather and report on IT Security and BCP related incidents and provide regular activity reports.
- Report on the status of remediation, related to the implementation, change, retirement or upgrade of IT Security and BCP controls and processes.

- Must possess a strong understanding of information security best practices.
- Must possess a strong understanding of Internet standards and protocols.
- Solid understanding of host/network common vulnerabilities and exploits (CVEs), hacker methodologies and tactics, and the tools used
- Ability to analyze output from various security tools and translate into actionable risks.
- Understanding of privacy laws (eg, GLBA), information security, governance, risk and compliance controls, conducting risk assessments.
- Ability to understand and work with complex regulations across multiple jurisdictions.
- Thorough understanding of BCP procedures.
- Project leadership and management including the ability to complete projects in a timely manner.

Technical Skills:
- Knowledge of computer applications, hardware, software and communications platforms.

- Ability to collaborate and communicate effectively and tactfully with both business-oriented executives and technology-oriented colleagues.
- Ability to work independently and pro actively in unstructured environments.
- Ability to manage multiple projects simultaneously that involve key stakeholders across a global and complex organization.
- CISSP, CISM or related SANS certifications are desired but not required.
- Experience with and knowledge in Firewall, system, and network architectures and security best practices.
- Familiarity with information technology protocol behavior.

New York City, NY, United States of America
2/13/2018 12:36:09 PM

We strongly recommend that you should never provide your bank account details to an advertiser during the job application process. Should you receive a request of this nature please contact support giving the advertiser's name and job reference.

Other jobs like this

New York, New York
Jersey City, New Jersey