New York, New York
$230000 - $0
* Responsible for operating vulnerability assessment tools: scanning, researching and analyzing vulnerabilities, identifying relevant threats, recommending corrective actions, and summarizing and reporting results.
* Research the latest IT security trends, attack vectors, and methodologies; understand the countermeasures in the industry and engage with stakeholders to resolve identified vulnerabilities within SLAs.
* Administration and daily operation of SIEM technologies, including rule creation, reporting, correlation and performance monitoring.
* Assist with investigations of security events to determine malfunctions, breaches, and remediation steps.
* Monitor systems to identify and respond to anomalous activity such as worms, Trojans, viruses, and malware.
* Plan, test, and deploy security controls to augment network and endpoint security functional areas.
* Support the operations of the SIEM, URL Filtering, Vulnerability Management, Endpoint Protection and Identity Management tools as requested.
* Perform product evaluations and recommend and assist with the implementation of products/services for information security related hardware and software.
* Collaborate with Applications & Infrastructure teams as needed to ensure security compliance is met.
* Generate security reports and produce quality technical documentation for complex solutions.
* Perform additional duties as assigned.
* 3-5 years of experience in Information Security, including experience in a large-scale vulnerability and threat management program.
* Hands-on experience in designing and implementing technical solutions of IT Security tools at the enterprise level - e.g. AV, FW, SIEM, IDS/IPS, web and email content filtering, Vulnerability Management Tools, etc.
* Demonstrated experience in vulnerability management, including working with vulnerability management tools such as Qualys, Tenable, Rapid7 etc.
* Experience with SIEM technologies, including administration and analyst operation of SIEM within SOC functionality.
* Knowledge of networking components and various operating systems and cloud environments and understanding their security principles and technologies.
* Understanding of common security device functions, such as IDS/IPS, network and host-based firewalls, DLP (Data Loss Prevention), encryption, and endpoint security.
* Understanding of malware, emerging threats, attacks, and vulnerability management.
* Excellent communication, troubleshooting and analytical thinking skills are critical, as are being self-driven, able to multi-task, working collaboratively in a team environment, and willingness to adapt to change in a dynamic, global environment.
* Participate in a 24x7 Incident Response Team and be available to work evenings and weekends as needed.