We are looking for a techncially experienced security engineer to join a global financial wealth management organsiation and work with their global security technology engineering team.
The primary function of this role will focus on the supporting the IT Security technologies and processes. Ensuring that all alerts and events are correctly followed up and investigated as well as liaising with other IT teams and departments (Compliance, Data Privacy, Risk) to ensure incident playbooks are accurately followed.
In addition, as part of this role you will be responsible for developing, monitoring, evaluating and maintaining systems and procedures to protect the confidentiality, integrity and availability of information systems.
This position evaluates existing data security procedures and identifies new areas of risk as well as reviewing new security applications. This is a technical position that requires knowledge of security industry standards, incident response handling, provide technical security recommendations and/or solutions around systems and networks, and have a solid grasp of overall IT architecture.
Duties and responsibilities
- Perform security incident investigations including chain of custody, containment measures, root cause analysis, and identification of preventive measures
- Assist with the implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices
- Plan, coordinate, and implement security measures to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information
- Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures
- Verifies security controls in new and existing computer systems conform to security policies and guidelines.
- Identify potential security risks, and document remediation options or mitigating controls.
- Assist in integrating regulatory compliance requirements (e.g., SOX, GLBA) into the organizational security roadmap
- Participate in the Information Security on-call rotation
- Carry out additional duties as assigned
Technical skills and qualifications
You can meet the following:
- Bachelor’s Degree in Computer Science and/or related field preferred.
- Security related certifications preferred (Security+, CEH, CISSP, OSCP, etc.).
- 3+ years’ experience in information security.
- Experience in supporting data loss prevention technologies and processes.
- Experience in cyber incident response handling procedures and forensic investigation tools.
- Proficient in the security of Windows and UNIX (security access rights, configuration best practices, and potential vulnerabilities).
- Intermediate knowledge of the OSI model and security that is associated with each layer.
- Intermediate knowledge of wide area network security as it pertains to networking protocols and connectivity to/from outside resources (switches, routers, firewalls, VPNs, encryption, and authentication methods).
- Experience with modern scripting languages.