Job Details

Home

Security Engineer at New York, New York, USA

From:

Vikrama,

Valiantiq

[email protected]

Reply to:   [email protected]

Job Title: Senior Security Engineer

Location: 80 Maiden Lane, New York, NY (Hybrid)

Duration: 12 Months

Job Description:

SCOPE OF SERVICES

MyCity is a single portal for all City services and benefits.

The vision is a simple, seamless, and intuitive experience interacting with City government digitally.

It is designed with New Yorkers at the center of the process to prioritize features by conducting user research.

MyCity produces value for New Yorkers, early and often through phased releases.

There are several phases within the MyCity portal workstream (Child Care, Business Portal, Workforce Development Services and others).

OTI Cyber Command is looking for additional support as the cyber threat landscape continues to evolve and Citywide cybersecurity solutions are deployed in large, complex networked environments.

The needed resource skill set is specialized in: providing guidance at various stages of planning and implementing security design, processes and solutions, testing and validation, and pivot between numerous technical projects communicating status at various leadership levels.

The resource will have significant interaction with NYC Cyber Command leadership, its engineering, architecture, and application security teams, incident response and other cyber security practitioners.

TASKS:

Perform organization wide cybersecurity risk analysis and maintain updates on the identified risks

Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization

Create and follow a process to track progress against cybersecurity plans

Lead the implementation of cybersecurity initiatives for MyCity Portal development project

Create network architecture diagrams, collect communication flow information, and build high level and low level design documents

Work on complex network problems, interact with vendor support teams, and drive the issue to resolution

Translate compliance requirements into specific security controls and present compensating security controls

Report to upper management on current cybersecurity posture and progress on mitigating identified risks

Identify cybersecurity gaps and maintain a risk register

Create metrics to measure cybersecurity controls efficacy

Work with partners to create and maintain incident response plans

Monitor and respond to alerts

Review and optimize existing cybersecurity controls

Ensure the organization compliance with cybersecurity best practices, policies and standards

Enforce endpoint security standards

Analyze vulnerabilities and work with Application Development, IT and Systems teams to ensure timely remediation and validation

Perform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design and /or application development

Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments

MANDATORY SKILLS/EXPERIENCE

Bachelor's degree in Computer Science, Information Systems or equivalent work experience

At least 12+ years of experience in information security

At least 8+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management

At least 8+ years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management

At least 4+ years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.

At least 4+ years of experience working in cloud environment (Azure, AWS, GCP)

At least 4+ years of experience working in securing Internet-facing applications, utilizing WAF technologies (eg: Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, Azure FrontDoor, AWS CloudFront and WAF, and similar reverse-proxy technologies)

At least 4+ years of experience architecting, deploying, and managing endpoint security and EDR technology

At least 4+ years of experience using scripting languages (Python, Bash, Power, etc.)

At least 4+ years of experience with Windows, Linux, or MacOS administration

At least 4+ years of experience working with vulnerability management and scanning tools

At least 4+ years of experience working with application scanning tools

DESIRABLE SKILLS/EXPERIENCE:

Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments

Experience in implementing and operating Data Loss Prevention Systems

Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy

Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls

Strong understanding of cloud-based services such as O365, AzureAD, IAM, Entra ID

Strong understanding of CIS controls

Experience with Syslog-NG, LogScale (Humio) or similar SIEM/log aggregation systems

Experience with SSO products and services such as Entra ID, PingFederate, or Okta

Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies

Familiarly with CASB/SASE products

Experience with Cloud-based EDR/XDR tools

Knowledge of endpoint security management, configuration policies, and procedures

Experience with asset management and on-prem/cloud-based vulnerability management tools

Highly flexible/willing to learn new technologies

Highly organized with excellent analytical, problem solving and decision-making skills

Excellent communication and collaboration skills

Thanks & Regards,

Vikrama Rao

Recruitment Executive- ValiantIQ Inc.

"Searching Best Minds

Searching Best Minds"

Email:

[email protected]

P.
18032918038
F. (302) 482-3672

Disclaimer:
  If you are not interested in receiving our e-mails then please reply with a "REMOVE" in the subject line for automatic removal. And mention all the e-mail addresses to be removed with any e-mail addresses, which might be diverting the e-mails to you. We are sorry for the inconvenience.

Keywords: information technology Idaho New York
Security Engineer
[email protected]

[email protected]
View All

07:55 PM 10-Feb-25

To remove this job post send "job_kill 2158471" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.

Your reply to [email protected] -

To

Subject
Message -

vrao@valiantiq.com wrote:
From:

Vikrama,

Valiantiq

vrao@valiantiq.com

Reply to:   vrao@valiantiq.com

Job Title: Senior Security Engineer

Location: 80 Maiden Lane, New York, NY (Hybrid)

Duration: 12 Months

Job Description:

SCOPE OF SERVICES

MyCity is a single portal for all City services and benefits.

The vision is a simple, seamless, and intuitive experience interacting with City government digitally.

It is designed with New Yorkers at the center of the process to prioritize features by conducting user research.

MyCity produces value for New Yorkers, early and often through phased releases.

There are several phases within the MyCity portal workstream (Child Care, Business Portal, Workforce Development Services and others).

OTI Cyber Command is looking for additional support as the cyber threat landscape continues to evolve and Citywide cybersecurity solutions are deployed in large, complex networked environments.

The needed resource skill set is specialized in: providing guidance at various stages of planning and implementing security design, processes and solutions, testing and validation, and pivot between numerous technical projects communicating status at various leadership levels.

The resource will have significant interaction with NYC Cyber Command leadership, its engineering, architecture, and application security teams, incident response and other cyber security practitioners.

TASKS:

Perform organization wide cybersecurity risk analysis and maintain updates on the identified risks

Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization

Create and follow a process to track progress against cybersecurity plans

Lead the implementation of cybersecurity initiatives for MyCity Portal development project

Create network architecture diagrams, collect communication flow information, and build high level and low level design documents

Work on complex network problems, interact with vendor support teams, and drive the issue to resolution

Translate compliance requirements into specific security controls and present compensating security controls

Report to upper management on current cybersecurity posture and progress on mitigating identified risks

Identify cybersecurity gaps and maintain a risk register

Create metrics to measure cybersecurity controls efficacy

Work with partners to create and maintain incident response plans

Monitor and respond to alerts

Review and optimize existing cybersecurity controls

Ensure the organization compliance with cybersecurity best practices, policies and standards

Enforce endpoint security standards

Analyze vulnerabilities and work with Application Development, IT and Systems teams to ensure timely remediation and validation

Perform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design and /or application development

Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments

MANDATORY SKILLS/EXPERIENCE

Bachelor's degree in Computer Science, Information Systems or equivalent work experience

At least 12+ years of experience in information security

At least 8+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management

At least 8+ years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management

At least 4+ years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.

At least 4+ years of experience working in cloud environment (Azure, AWS, GCP)

At least 4+ years of experience working in securing Internet-facing applications, utilizing WAF technologies (eg: Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, Azure FrontDoor, AWS CloudFront and WAF, and similar reverse-proxy technologies)

At least 4+ years of experience architecting, deploying, and managing endpoint security and EDR technology

At least 4+ years of experience using scripting languages (Python, Bash, Power, etc.)

At least 4+ years of experience with Windows, Linux, or MacOS administration

At least 4+ years of experience working with vulnerability management and scanning tools

At least 4+ years of experience working with application scanning tools

DESIRABLE SKILLS/EXPERIENCE:

Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments

Experience in implementing and operating Data Loss Prevention Systems

Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy

Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls

Strong understanding of cloud-based services such as O365, AzureAD, IAM, Entra ID

Strong understanding of CIS controls

Experience with Syslog-NG, LogScale (Humio) or similar SIEM/log aggregation systems

Experience with SSO products and services such as Entra ID, PingFederate, or Okta

Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies

Familiarly with CASB/SASE products

Experience with Cloud-based EDR/XDR tools

Knowledge of endpoint security management, configuration policies, and procedures

Experience with asset management and on-prem/cloud-based vulnerability management tools

Highly flexible/willing to learn new technologies

Highly organized with excellent analytical, problem solving and decision-making skills

Excellent communication and collaboration skills

Thanks & Regards,

Vikrama Rao

Recruitment Executive- ValiantIQ Inc.

"Searching Best Minds

Searching Best Minds"

Email:

vrao@valiantiq.com

P. 
18032918038 
F. (302) 482-3672

Disclaimer:
  If you are not interested in receiving our e-mails then please reply with a "REMOVE" in the subject line for automatic removal. And mention all the e-mail addresses to be removed with any e-mail addresses, which might be diverting the e-mails to you. We are sorry for the inconvenience.

Keywords: information technology Idaho New York 
Security Engineer
vrao@valiantiq.com

Your email id:

Captcha Image:

Captcha Code:

Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]

Time Taken: 8

Location: New York, New York