the smart solution for Jersey City jobs

Senior Security and Risk Engineer

Company: Garrison Associates
Location: Jersey City
Posted on: January 14, 2019

Job Description:

Premier global professional services firm is seeking a Senior Security and Risk Engineer to provide infrastructure engineering and services to the family of companies encompassing 60,000 employees. Responsibilities:

  • The Senior Security and Risk Engineer is principally responsible for researching, designing, and integrating information security solutions and controls across the global enterprise in a way that is transparent to end users, supports executive strategies, and fundamentally ensures the security of the information the firm is entrusted to protect. The Senior Security and Risk Engineer is responsible for conducting industry research on new and emerging security technologies in support of enhancing and maintaining evolving corporate strategies to ensure that security solutions will exhibit high levels of performance, security, scalability, maintainability, appropriate reusability and reliability upon deployment over $13 billion in revenue generation.
  • The Senior Security and Risk Engineer will design network security perimeter architecture, review internal and external IT projects and applications for risk and adherence to security policies, standards, and industry best practices. This position will lead and participate on multiple internal security project teams to evaluate and deploy security technologies globally and to make design recommendations for hardware/software products for the firm. Must define, document and design secure infrastructure and application architectures within the primary tenants of Availability, Integrity and Confidentiality.
  • The Senior Security and Risk Engineer is responsible for maintaining and updating multiple product road maps supporting the secure infrastructure framework. This position will provide thought leadership regarding solutions, designs, architecture, integration, support, strategies across the entire organization to include decision making through successful implementation while employing the highest levels of integrity. Every decision must consider both direct and indirect impacts on the global IT infrastructure.
  • Design, document, and deploy secure infrastructure solutions globally to enhance and evolve the security posture of the firm ensuring data integrity, availability and confidentiality of all data entrusted to the firm to protect. This includes millions invested in Next Generation Firewall architecture, anti-virus & anti-malware controls, proxy solutions, Data Loss Prevention software, whole disk and removable media device encryption, 2FA and MFA authentication, and PKI technologies.
  • Drive and implement key security strategies within the operating companies designed to protect thousands of applications and servers world-wide from threats. Responsible to design and implement network security architecture controls in support of hundreds of internal and external business IT projects and applications contributing to revenue growth globally. Review, assess and sign off on business projects with respect to risk and adherence to security policies, standards, and industry best practices for data protection of company and client data. Lead project teams to include design, connectivity, and software solutions aligning security, cost, performance, and customer requirements to reach viable secure solutions.
  • Drive technical and strategic direction of the Information Security function across all of companies globally. Responsible for maintaining and updating information security technology road maps through industry research, knowledge transfer, continued learning. Document and maintain comprehensive information security road maps and strategies with respect to process mapping, technical diagrams and schematics, standard operating procedures, and technical infrastructure documentation which results in the protection of sensitive information across thousands of applications and thousands of servers world-wide.
  • Partner with and provide information security expertise to the operating companies to provide guidance and direction on secure application hosting for hundreds of internal and client facing application systems. Assess applications and the associated data flow for risk to sensitive data, systems, or infrastructure. Collaboratively document security controls and application access requirements associated with hosted applications and systems.
  • End-to-End enterprise-wide tier III troubleshooting of network, desktop, server (hardware & software) and application performance & connectivity across the global wide area network as it relates to Information Security. Participate in or lead Computer Incident Response Teams (CIRT) as necessary by providing tier III support to mitigate active security incidents possible threatening the Global computing environment.
    • Globally identify, document, measure and communicate technical Information Security Risks across the organization's data networks, systems, and applications using standard company tool sets and assessment processes to identify significant risk and attack surfaces which threaten the firm's revenue generating capabilities. Build enhanced risk assessment methodologies to effectively communicate technical attack threats to executive level business leaders in business terms.
    • Conduct technical risk and change reviews, enforcing the firm's Security and Compliance policies and best practices as required to ensure our highly sensitive client and company information is appropriately secured. Engage business and project teams globally to clearly explain policies, decisions, and appropriate threat mitigation steps to maximize efficiency and productivity of the security assessment process. Identify and suggest enhancements to global processes to ensure continued effectiveness. Qualifications
      • 4-year college/university degree required
      • Minimum 5+ years of application security architecture experience with large scale implementations spanning multiple business lines distributed globally.
      • Must have experience with Internet Application Hosting architectures, best practices and related technologies to effectively protect externally facing applications at the network and host levels.
      • Strong knowledge of WAF technologies. Experience with F5 ASM is preferred.
      • Familiarity with web application security vulnerabilities such as XSS, SQLi, CSRF
      • Familiarity with common web application technologies such as .NET, Java, Openstack, Docker, TAM, SSL/TLS, load-balancing, etc.
      • Familiar with common security controls on both Windows and Unix-based operating systems.
      • Familiarity with Application Hosting in Public Clouds i.e. AWS and Azure
      • Good understanding of Microsoft AD and integration in to secure application hosting environments.
      • Good written and verbal communication skills a must.
      • Must be able to quickly and succinctly architect and create technical solution documentation.
      • Must be a self-starter, work with limited supervision & be able to work well with others in a globally diverse IT environment.
      • Knowledge of cryptography as it relates to application and network security is a must.
      • Experience coding/scripting with common languages such as Java Script, Python & Perl is preferred.
      • CISSP and/or CSSLP certification is preferred. Other Information Security oriented certifications a plus
      • Understanding of industry leading Cyber Risk framework such as NIST 800-53 - provided by Dice Security engineering, risk, Internet application hosting, WAF, vulnerabilities, Public Cloud, CISSP or CSSLP preferred

        Keywords: Garrison Associates, Jersey City , Senior Security and Risk Engineer, Engineering , Jersey City, New Jersey

        Click here to apply!

        Didn't find what you're looking for? Search again!

        I'm looking for
        in category

Other Engineering Jobs

Chief Engineer
Description: Job Description: ul ul li 1 Directs activities of workers in engineering department. ul li 2 Directs engineering
Company: Green Hill Condominiums
Location: Wynnewood
Posted on: 01/21/2019

Auth0 Engineer
Description: Auth0 is called Autho zero. Can be 100 remoteMust be w2 only 70 w-2Send anyone that has Auth0 recently in projects.6 month contract to start Our client in the Philadelphia area is looking for an Auth0 (more...)
Company: EliteInfotek Inc.
Location: Philadelphia
Posted on: 01/21/2019

Sr Principal Engineer - Combination Products
Description: This position ensures that devices and packaging used in combination products are developed and manufactured in accordance with regulatory and customer requirements. They will be responsible for Device (more...)
Company: Bristol Myers Squibb
Location: New Brunswick
Posted on: 01/21/2019

Senior Controls/ Electrical Engineer
Description: br ul br li Develop, test, troubleshoot, modify, and commission SCADA and GE Proficy HMI/SCADA iFIX control system applications. br li Specify and purchase control system hardware
Company: Cameron Craig Group
Location: Philadelphia
Posted on: 01/21/2019

Industrial Mechanic
Description: BWAY is one of the largest manufacturers of rigid metal and plastic containers in North America. Our diverse products and broad geographic reach have made us a market leader in the general line packaging (more...)
Company: Mauser Packaging Solutions
Location: Trenton
Posted on: 01/21/2019

Hotel Engineer - The Ritz-Carlton New York, Westchester (190000TR)
Description: Hotel Engineer At more than 80 award-winning properties worldwide, The Ritz-Carlton Ladies and Gentlemen create experiences so exceptional that long after a guest stays with us, the experience stays with (more...)
Company: Marriott International, inc.
Location: White Plains
Posted on: 01/21/2019

Maintenance Mechanic- 2nd shift
Description: Mauser is one of the largest manufacturers of rigid metal and plastic containers in North America. Our diverse products and broad geographic reach have made us a market leader in the general line packaging (more...)
Company: Mauser Packaging Solutions
Location: North Wales
Posted on: 01/21/2019

Diesel Mechanic, Operators, Pipefitters, Laborers
Description: General Is looking for a well experienced DIESEL MECHANIC
Company: Tse Inc
Location: Scranton
Posted on: 01/21/2019

Director Manufacturing Engineering
Description: The Director of Manufacturing Engineering is responsible and accountable for supporting any and all existing manufacturing operations and for managing to successful completion key development and process (more...)
Company: Globus Medical, Inc.
Location: Eagleville
Posted on: 01/21/2019

Core Engineering - Deployment Runtime and Architecture - Foundational
Description: MORE ABOUT THIS JOB What We Do At Goldman Sachs, our Engineers don't just make things - we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging (more...)
Company: Goldman Sachs USA
Location: Jersey City
Posted on: 01/21/2019

Log In or Create An Account

Get the latest New Jersey jobs by following @recnetNJ on Twitter!

Jersey City RSS job feeds