Location : ,
Title: Cybersecurity Engineer
MANDATORY SKILLS/EXPERIENCE |
Minimum 9 years of experience with system design and security engineering with experience implementing a wide range of solutions both in cloud and on-prem. • Knowledge of security engineering to ensure security solutions development aligns with the defined architecture strategies • Bachelors /Master’s degree from an accredited college/university or equivalent work experience. • Professional certifications in security, preferably in any two; CCSP, CISSP, CISA, Azure Solutions Architect Certification, Microsoft Azure Architect Certification & Microsoft Azure Architect Technologies • Strong understanding of secure design and reviews, identity and access management |
protocols, Secure SDLC, OWASP, NIST. |
DESIRABLE SKILLS/EXPERIENCE: • Good knowledge of Identity Access Management (IAM), SAML, Federation, Privilege Access Management (PAM), and MFA technologies. • Data Security (Cryptography and Encryption). • Knowledge of advanced Auditing and Log Management. • Security vulnerabilities scanning tools. • Knowledge of Cloud Access Broker Services (CASB) and configuration based on best practices. • Data Loss Prevention (DLP) tools and configuration based on best practices. • User behavior monitoring. • Data analysis of Network, Cloud, and Endpoint data. • Centralized management of next generation firewalls and intrusion detection and prevention systems (IDS/IPS). • Provide oversight and assess security controls for IaaS, PaaS, and SaaS services, while collaborating with system integrators and NYCERS teams to deliver reliable and scalable security capabilities. • Optimization of security tools and controls. • Oversee and lead the implementation of all security solutions, develop technical, and reference architectures throughout the project duration. • Perform as a subject matter expert on cloud technologies, build, and recommend security infrastructure from scratch and raise security risks in a timely manner. • Develop security requirements for complex internet facing applications and associated infrastructure components. • Responsible for assessing and reviewing end-to-end secure integrations including web services and APIs. • Work closely with client security team and third party system integrators on security engineering related issues and resolving the issues without affecting the overall project delivery timelines. • Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends. • Analyzes trends, news, advisories, and changes in threat and conduct security assessments with risk mitigation plans. • Review vulnerability management reports and follow-up with technical stakeholders on remediation efforts. • Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with incident responders. |