Information Technology

Senior Cyber Security Specialist

Friedman Williams

Senior Cyber Security Specialist

Job ID: 15572

Overview: This is a technical position where the candidate will manage, provide technical support, implement, maintain and troubleshoot all security products used by the Firm. The candidate must have significant hands on experience with security technologies and solutions. The candidate will also perform daily investigation of security incidents, security assessments and audits.

Responsibilities:

• Manage Intruder Detection sensors, firewalls, Anti-Virus, Web Filtering Solutions, DLP, IPS/IDS, NAC, DDOS protection, third-

party remote access, application white listing solutions, endpoint detection and response solutions.

• Manage Security Incident and Event Management systems (SIEM).

• Manager and investigate all security events until resolution.

• Manage privilege account management systems.

• Conduct technical security audits and perform risk assessments.

• Conduct firewall, network and systems configuration change and audits.

• Perform vulnerability scans on networks, servers, systems and applications.

• Create weekly security reports including keeping track of information security metrics.

• Work with consultants and third party vendors as it relates to security services they provide.

• Participate in project reviews of information security architectures associated with each initiative.

• Conduct malware analysis and research for new exploit techniques used by cyber criminals.

• Conduct proactive threat hunting.

• Research and test new security technologies.

• Manage and maintain a good relationship with third party security vendors that support Milbank (MSSP, SOC and others).

• Maintain and create new process to ensure the Firm’s security posture meets clients’ security requirements.

• Participate as part of member of Cyber Incident Response team.

• This is a remote position in CST or PST time zone.

Qualifications:

• 5-7+ Years’ experience in IT Security.

• Bachelor Degree in Computer Science or Information System or significant work experience.

• Must have the following certifications: CISA, CISM, CISSP, GIAC GSEC, PCNSE.

• Additional certifications a plus: OSCP.

• Extensive knowledge of security best practices in regards to computer systems, networks, telecommunication and all

associated hardware.

• Very strong analytical approach to problem solving and solution development.

• Must be passionate about security and strive to ensure the Firm is protected against evolving cyber threats.

• Must be a professional with customer satisfaction oriented mindset, creative and be able to balance security with business

objectives.

• Must be able to work well in teams.

• Must be able to think outside of the box and go beyond traditional security.

• Must be able to work with Director of Information Security in providing accurate and timely information and closely follow his d

direction.

• Ability to manage multiple projects and support functions.

• Ability to work in a fast paced and dynamic environment.

• Ability to travel when necessary.

• Must be available to report for work on regularly scheduled days and off hours when required.

• Must be available to take emergency off hour calls during security incidents.

• Strong analytical, communication and interpersonal skills.

• Must be able to quickly identify root causes specially during security incident investigation.

• Must be able to create accurate and detailed project plans and complete them in timely manner.

• Excellent documentation skills and capable of creating comprehensive security documents such as standard operating

procedures, guidelines and architecture diagrams.

• Able to fully perform the job function with minimum supervision.

• Must have hands on experience with following technologies:

o Cisco network devices

o In depth experience with Palo Alto firewalls with all the features available in the product

o Experience with Palo Alto Prisma

o Micro segmentation technology – Illumio, NSX or others

o SIEM products such as Microsoft Sentinel or others

o IDS & IPS (Vectra AI, Snort, Suricata, AlienVault, or others)

o Endpoint security products – CB Application Control, Microsoft Defender and Defender ATP.

o Vulnerability scans and penetration test using Nessus, Tenable, Rapid7 Nexpose, Cobalt Strike or others..

o Open source security tools (Kali Linux, Metasploit, Nmap, PowerShell Empire, Kerberoast, TrustedSec SET and others) and

network traffic analysis

o Vulnerability management with Tenable IO, Rapid7 Nexpose, Qualys or others

o Experience with Windows operating systems, Active Directory, DNS, DHCP, Microsoft SQL

o Experience with Linux operating systems (Ubuntu, CentOS RedHat)

o Experience with Windows Servers and Workstations Security

o Experience with scripts (python, VB, Powershell and others)

o Experience with Privilege Account Management Solution (CyberArk, BeyondTrust or others)

o Microsoft M365 E5 security products and Azure

• Experience with following technologies are plus:

o Windows 10 Security (Credentials Guard, Application Guard and others)

o Authentic8 Silo and other isolating browsers

o E-mail protection solutions such as Mimecast, Proofpoint, Exchange Online and others

o DLP products – Exchange Online DLP, Microsoft Endpoint DLP, Microsoft Azure Information Protection

o Third Party vendor remote access solution – Securelink, BeyondTrust or others

o Forensics analysis using Guidance Encase platform or open source tools

o Cloudflare

o Deception Technology (Illusive or others)

o Forescout

o Vectra AI

Tagged as: Senior Cyber Security Specialist