Senior Associate, Security Engineer(s)
5 Penn Plaza New York, NY 10001 US
Job Description
- Oversee and manage IT security operations.
- Detect vulnerabilities through scanning platforms.
- Collaborate with business and engineering teams to plan and implement remediation for identified vulnerabilities.
- Address vulnerabilities through multiple remediation methods
- Develop antivirus policies, generate reports, and remediate malicious files
- Plan and execute GPO policy upgrades to enhance security in Active Directory environments.
- Audit and remediate access permissions for NFS/NTFS systems, including shared folders.
- Implement best practices for securing applications and platforms, such as MFA and certificate management.
- Coordinate urgent remediation efforts for critical vulnerabilities with staff.
- Participate in both internal and external audits.
- Create and maintain policies, procedures, and other relevant documentation as needed.
- Identify and address security gaps within the infrastructure.
- Develop and document security practices.
- Lead and execute security-related projects.
- Familiarity with various Identity and Access Management systems is a plus.
- Preferred certifications: CISSP, CISM, CISA, CCSP, ITIL, Security+, or similar.
- Advanced understanding of infrastructure, including Active Directory, AWS, Windows desktop/server OS, VMware, storage systems, DNS, and firewalls.
- Advanced knowledge of protocols such as WMI, SNMP, TLS, SSL, SMB, etc.
- Expertise in securing systems and platforms through device/policy hardening.
- Understanding of SSL Certificates.
- Ability to clearly communicate technical information to end users, both verbally and in writing.
- Proficiency in MS Outlook, Word, Excel, Visio, and PowerPoint.
- Experience with PCI, ISO 27001, ISO 27002, URAC regulations, and familiarity with CMS, NIST, and other healthcare industry-related regulations.
- Availability to work nights and weekends during planned or unplanned outages and other special circumstances, with 24/7 accountability.
- Willingness to participate in an on-call rotation.
- Ability to lift up to 50 lbs.
- BS or MS in Computer Science or a related field, with relevant industry certifications.
- 4+ years of experience securing Cloud, Mobile, or Client/Server software, including embedded systems.
- 6+ years of experience in technology and cybersecurity.