Senior Cybersecurity Engineer (Partial Remote)

Global Property and Casualty Provider seeks an experienced Cybersecurity Engineer to support the Information Security Officer in designing, developing, and implementing cybersecurity and IT security solutions including Azure NSG, WAF, VPN devices, load balancers, firewalls, and other security infrastructure.

Responsibilities:

• Identify, assess, and mitigate risks to ensure data and system security and integrity. Manage and maintain the vulnerability and patch management program.
  
• Ensure compliance with regulatory requirements and industry standards, including PCI, NYDFS, and NIST.
  
• Collaborate with the Information Security Officer to develop and implement robust security architectures and designs to protect against cyber threats.
  
• Lead and execute cybersecurity projects from conception to completion, ensuring effective security measures are deployed.
  
• Monitor and manage IPS/IDS managed services, both internal and outsourced.
  
• Maintain and update a comprehensive information security program that includes policies and processes to minimize risk and ensure data integrity and availability.
  
• Evaluate and implement tiered defensive posturing systems and policies to defend against malware threats.
  
• Create and maintain information security policies, standards, controls, and procedures to comply with evolving laws and regulations.
  
• Use a risk-based approach to secure applications, databases, or infrastructure based on technology and business needs.
  
• Manage testing and vulnerability analysis, including third-party scanning, pen testing, and network security providers.
  
• Oversee the Identity and Access Management Platform – OKTA and Azure AD.
  
• Administer Illumio and Zscaler for micro-segmentation and zero trust security models to reduce attack surfaces and limit lateral movement within the network.
  
• Conduct phishing simulation training programs to educate employees on identifying and avoiding phishing attacks.
  
• Handle proxy issues requiring manufacturer intervention for final resolution.
  
• Maintain documentation and continuously improve existing infrastructure, network/security, and audit standards.
  
• Manage and maintain technologies such as antivirus, encryption systems, firewalls, access, and authentication technologies.
  

Qualifications:

• 5 to 7 years of technical experience in a security environment.
  
• Certified Information Systems Auditor (CISA ) or CISSP ((Certified Information Systems Security Professional)
  
• Over 3 years of experience with Security Information and Event Management (SIEM) tuning and reporting.
  
• 5 to 7 years of experience in managing security for users, platforms, and devices, including authentication, access controls, authorization, and integration of enterprise directories with other systems in large, complex environments.
  
• Proficiency with enterprise-class security products such as Identity Access Management, Web Access Management, and Single Sign-On.
  
• Strong knowledge of common security frameworks and regulations, with substantial experience in cloud environments.
  
• Expertise in security-related topics, including authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, the principle of least privilege, software attack methods, secure data transfer/storage, etc.
  
• Excellent verbal and written communication skills, with the ability to convey information clearly to team members, stakeholders, and senior managers.
  
• Deep understanding of protocols such as TCP/IP, HTTP, and TLS/SSL at OSI network layers.
  
• Experience with security tools and creating detailed documentation.
  
• Experience managing vendor relationships with security and technology manufacturers, consultants, or VARs, including negotiating contracts and coordinating activities related to hardware, software, telecommunications, support, and training vendors.
  
  

** Position requires US Citizenship or Permanent Residency (Green Card) **