Register Login

Senior Cyber Security Specialist Job requirement

Title: Senior Cyber Security Specialist

Location: Midtown (New York City), NY

Duration: 3 Months (likely to be extended and go long term)

Purpose of Position:Works closely with the CISO to manage security policies, evaluate new security solutions. The position requires a deep understanding of security products such as SIEM products, Firewalls, VPNs, intrusion prevention, web proxies, vulnerability management and email filtering, and a working knowledge of standard anti-virus and advance anti-malware technologies.Essential Job Functions:

  1. Provide thorough knowledge and understanding in: computer networks, cloud and mobile devices, application architectures, databases and security products.
  2. Create and review security metrics with the CISO to measure security effectiveness of the Bank's security program.
  3. Engage with IT to ensure non-compliant items are addressed in timely matter.
  4. Work with the relevant internal IT Infrastructure, Help Desk Support and Development teams to ensure that security controls are implemented at all significant and relevant phases of all IT processes.
  5. Ensure that the IT systems are compliant with applicable regulations, policies, and industry guidance such as SANS Top 20, OWASP Top 10, ISO 27001, NIST *** and CIS Security Benchmarks. Where gaps are identified, assist in planning and implementation of controls.
  6. Review security event log data and investigate anomalies.
  7. Perform testing to evaluate new products system security controls.
  8. Manage security related events and tracking of remediation process.
  9. Respond to, and where appropriate, resolve or escalate reported security incidents.
  10. Participate in IT projects and champion Information Security throughout the organization.
  11. Design, implement and support information security solutions including security architectures, change/configuration management, and the integration of security products as needed.
  12. Design, manage, and troubleshoot security monitoring agents on information systems.
  13. Design, manage, support, report and track the Vulnerability and Penetration Management program.
  14. Develop security guidelines for technology solutions for e.g.: NAC (Network access controls platforms, Data Loss Prevention (DLP), Endpoint Security platforms, etc.
  15. Support and manage Cyber resiliency program in order to assess critical business processes against the known cyber threats and vulnerabilities.
  16. Manage formal risk assessments for Information and Cyber security processes within the Bank.
  17. Conduct information security risk assessments for the Third-party vendor risk processes.
  18. Strong fluency in using communication tools (Excel, PowerPoint, Visio, Word) to develop storyboards for frequent reporting purposes.

Knowledge, Skills and Experience Requirements:

  1. Bachelor's degree in Computer Science or related discipline or equivalent work experience
  2. Minimum 8 years in Information Technology with 3 years of Information and Cybersecurity relevant experience
  3. Strong knowledge of Information Security concepts including, but not limited to, Audit Reviews, Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Secure SDLC, Incident Management, Vulnerability Assessment, Third Party IS Assessment, Secure Configurations, Patch Management, etc.
  4. Employ influencing skills to obtain buy-in and participation from various groups and stakeholders without direct control.
  5. Build and maintain collaborative relationships with partners, clients and peers.
  6. Ability to communicate effectively at different levels of the organization, and with various technical and business audiences.
  7. Excellent problem solving abilities and analytical skills. Ability to see the big picture with high attention to critical details.
  8. Results oriented, is able to achieve de...

See full