Sr. Information Security Engineer

Financial services firm with offices in Jersey City, NJ and NYC has a long-term consulting need for an InfoSec Engineer with a concentration in Systems and Identity Management. This is not an operational role, nor is it about Pen Testing and Incident Response. This role is about designing processes around on-prem infrastructure, Active Directory, Identity and Privileged access.

Job Responsibilities:

• Will be part of the team responsible for engineering and implementing various security
  projects and administration and monitoring of various security systems.
• Collaborate with business units and corporate partners to ensure solutions are built in
  consistent with the organization's policies, programs, architectural recommendations, and
  information security standards.
• Collaborate with development teams and onboard applications OIDC/SAML with identity
  provider for singe-sign-on.
• Build automation to streamline PAM processes such as built-in account discovery from Linux
  endpoints, inactive system/account management, etc.
• Enforce baseline configuration standards and security hardening on core services such as
  Active Directory. DNS and DHCP.
• Create and deploy security guardrails to AWS infrastructure as infrastructure as code through
  Git.
• Understand the common types of cyber-attacks and countermeasures in the industry and
  engage with the business units to resolve within SLAs.
• Create and maintain technical process documentation (procedures and playbooks) for
  security systems/processes.
• Develop, build, and implement a mature and robust set of metrics and reports in
  Splunk/Power BI.

Required Qualifications:

• Knowledge and understanding of security engineering, system and network security,
  authentication and security protocols, incident management.
• Good understanding in Identity Access Management tools such as OKTA or others and
  experience in implementing SSO and federation standards such as SAML, OIDC and MFA.
• Develop, implement, and manage security standards and operational processes to secure
  the AWS platform and resources such as EC2, S3, LB, GWs, and other AWS services.
• Experience in both Active Directory, DNS, DHCP, windows and Linux operating system.
• Experience with Security Information and Event Management (SIEM) platforms (Splunk,
  ELK), logical thinking and ability to create searches, dashboards, etc. preferred.
• Ability to communicate network security issues to peers and management.
• Thorough understanding of the latest security principles, techniques, and protocols.
• Strong critical thinking, deductive reasoning, prioritization, and problem-solving skills.
• Experience with analyze/implement best practice configuration standards for systems and
  network devices.
• Ability to manage and lead complex enterprise-wide projects and multi-task.
• Experience with preparing standards/guidelines, playbooks, and procedure documents.
• Experience with managing projects, skills to prioritize project and tasks to meet deadlines.
• Automation experience in Python, PowerShell, and experience with Git for infrastructure as
  code management using Terraform and Terragrunt.
• Knowledge of various Security domains, Compliance requirements and Risk management
  practices and security industry standards and best practices NIST, CSA, CIS etc.