New York City, NY, United States Posted 5 days ago
The Cybersecurity Specialist is primarily responsible for keeping information systems secure, determining access requirements, and planning and implementing information security programs, to help protect against known cybercrime threats, including malware, phishing, viruses, denial-of-service attacks, information warfare and hacking.
Proficiency in analysis, forensics and reverse engineering to monitor and diagnose malware events and vulnerability issues
Make recommendations for solutions, including hardware and software programs that can help mitigate risk
Conducts incident prevention, detection, containment, eradication and recovery across IT systems, including developing processes, monitoring events, responding to incidents, summarizing and reporting findings.
Monitors information security systems and evaluates performance on key security issues, potential threats and vulnerabilities, recommending and implementing corrective action programs.
Creates and/or updates firm-wide policies and procedures documentation as needed (e.g., Incident Response, Information Security, Security Awareness, Computer Usage)
Coordinates internal and external audits, scans, penetration tests and other security assessments alongside consultants.
Helps to analyze, identify, implement and confirm that appropriate security procedures, policies and controls are in place to protect company data and systems.
Serves as primary point of contact for external third-party information security vendors.
Stay up-to-date with current security issues and regulations in the industry including researching latest findings, industry trends, and vendor-specific issues and resolutions; research and test new security tools
Train users, promote security awareness, develop policies and procedures, and communicate and report to management and executive staff
Respond to incidents, investigate violations and recommend enhancements to plug potential security gaps
Analyze logs to improve system and network performance, isolate and detect failures, and identify security vulnerabilities or malicious activity
Lead and assist in troubleshooting problems with security and network systems
Implement the necessary controls and procedures to protect information systems assets from intentional or inadvertent modification, disclosure, or destruction
Perform regular security monitoring to identify any possible intrusions
Experience with network security monitoring systems and best practice procedures and standards; analysis of data and trends
Familiarity with industry methods for user training and awareness
Creating and testing security event procedures in the event of a security breach
Experience with firewalls, intrusion prevention systems, network sniffers (tcpdump, Wireshark, ngrep) and other security tools
Knowledgeable in application transport and network infrastructure protocols (SSL/TLS, DNS, DHCP, NTP, FTP, HTTP, SMTP, LDAP, and Microsoft AD)
Experience with configuring and maintaining Splunk and extracting actionable insights from the various logs fed into that system
Understanding and implementation of network traffic analysis, stateful inspection firewalls, authentication and authorization technology
Understanding of remote access methods and systems, encryption, VPN technologies (IPsec, SSL VPN, GRE, DMVPN, etc.)
Good troubleshooting, problem solving, plus excellent verbal/written communication skills
Ability to manage critical situations and maintain positive relationships with colleagues and clients
Willingness to travel for training and support as required
Bachelor’s degree or equivalent in IT or related fields; industry accepted security certifications (CISSP, SANS, etc.) a plus