Senior Security Architect
New York, NY 10017 US
High Profile Buy-Side Firm seeks Senior Security Architect with strong Cyber Security Vulnerability Management technical programs experience.
Would you like to join an mid-sized high end Asset Management firm and take ownership of the TVM program?
In a very hands-on capacity you will responsible for managing enterprise Vulnerability Management (monitoring, remediation,...) and while also supporting several core network security tools... interesting projects, very professional and high-end environment.
You will manage and lead a small team of dedicated team of security engineers, champion and coordinate major security initiatives, identify and remediate cyber risks through risk assessments and penetration and vulnerability testing, and maintain all related policies and procedures.
In summary, you will be responsible for the implementation, engineering, and management of security initiatives related to Threat Vulnerability Management including evaluation and adoption of new systems and working business units regarding vulnerability issues with the primary goal of protecting the bank from cyber threats and attack:
- Assess the organization's information technology and computer system platforms to identify strengths and weaknesses in the security environment by performing penetration tests, and vulnerability assessments on local area and wide area networks, and virtual private networks, and participate in risk assessments as process owner for cybersecurity related processes.
- Assess routers, firewalls, and comparable systems to determine efficacy.
- Recommend, plan and implement architectural changes to boost security structures by blending knowledge of security hardware and software, organizational needs, and cybersecurity risks with organizational policies and industry standards.
- Build and maintain security systems and networks, prepare budgetary proposals for system upgrades and projects, and allocate personnel resources as needed.
- Manage and lead a team of engineers and coordinate effective security protocols.
- Respond to security breaches and incidents by assessing causes, damages, and data recovery, and preparing thorough reports for management and executives. Implement appropriate changes, updates, and upgrades in response to vulnerabilities and incursions.
- 7+ years of experience implementing Vulnerability Management solutions that includes SME level knowledge of Tenable / Nessus.
- Enterprise penetration and vulnerability scanning and analysis.
- Endpoint management and best practices.
- Strong Project Management skills
- Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability.
- Solid understanding of security protocols, cryptography, authentication, authorization and security.
- Palo Alto Firewall administration, Panorama, network security, operations and management best practices.
- Cisco ASA Firewalls
- Cisco ACS
- Python scripting
- Basic network design and infrastructure including support and administration of next-generation firewalls (Palo Alto and CISCO Firesight/Firepower)
- Advanced level knowledge in networking and protocols - BGP, OSFP, IP, WAN, LAN, NAT.
- Active Directory and Group Policy.
- LogRhythm, Carbon Black experience helpful.
- Tenable training and/or CISSP strongly preferred.
- Extensive banking/financial services cyber security experience
- Completed Bachelor’s degree with Computer Science or related (math, engineering,...) course of study
*currently 100% remote due to COVID but with a hybrid return to office 1-2 days per week scheduled for October
security AND vulnerability AND scanning AND monitor AND cyber
"Palo Alto" AND Cisco AND (firesight OR firewpower) AND firewall AND "client VPN" AND "Multi-Factor Authentication" AND "IP space administration" AND ("Next-generation" OR "NGFW") AND "Network Access Control" AND Cisco ISE"
3+ years of work experience supporting enterprise security solutions including experience with next generation firewalls such as Palo Alto and Cisco FireSIGHT/FirePOWER
Must have in-depth knowledge of network security best practices and various tools (Cisco VPN, Palo Alto VPN, Cisco ACS, Cisco ISE, NGFW, Solarwinds, IP Management tools, WireShark,...).