Windows Security Engineer
Requirements: Active Directory, Azure, CISSP, dsc, powershell , security, windows engineer, Windows Server
Location:New York, NY
Job Type:Full Time
Salary: $140k - $160k
Description of Responsibilities
We are a global financial services firm based in NYC looking for a senior Windows Security Engineer. In this role, you will be a subject matter expert with hands-on experience in a wide range of security technologies, tools and methodologies. The role is suited for an experienced Windows Engineer with proven understanding in enterprise security and will focus on building toolsets and processes to support the Information Security Program (ISP). We have a complex and robust technical environment and securing the Firm from external and internal threats is a top priority.
· Provide a high level of security consultancy and engineering support for Windows security solutions including analysis and development of Windows security solutions.
· Partner with Desktop Engineering, Windows Compute, and Collaboration teams to bring Windows and iOS-based mobility solutions to our customers.
· Provide architecture assurance on Windows security initiatives and compliance of existing security standards.
· Maintain the security infrastructure tools that are built on the Windows platform, providing stability and policies and procedures.
· Support the development and delivery of a comprehensive ISP for the entire organization.
· Assist with the development and implementation of the ISP roadmap.
· Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to key business initiatives and strategies.
· Participate in Information Security Incident Response activities for the Firm’s environment.
· Perform periodic and on-demand system audits and vulnerability assessments of systems, internal applications and Cloud services to identify security vulnerabilities.
· Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties.
· Collaborate with IT management, Legal, Human Resources and Compliance departments to manage security vulnerabilities and investigations.
- Provide support to Security and other technical operations staff to ensure smooth turnover from Engineering to Production - and provide mentoring to junior level security professionals.
· Liaison with key stakeholders to create and enforce policy including Technology organization, Trading units, Legal, Internal Audit, and Compliance.
· Develop and maintain documentation of all Security products including specific tools, technologies and processes.
- Bachelor’s degree in Computer Science or Engineering preferred. 7 + years of experience working in a technical role with a minimum of 2 + years of experience focusing on information security in the financial industry (preferred).
- Excellent understanding and experience of engineering Windows security solutions – including desktop and server operating systems, Active Directory, Group Policy, Desired State Configuration (DSC), DNS, Messaging.
- Powershell scripting and .Net development skills in an enterprise environment.
- Experience with Office 365 security controls including usage of Azure Active Directory, Conditional Access, o365 logging APIs, Microsoft CAS, Azure Rights Management (RMS), Azure Information Protection (AIP), and Microsoft Authenticator.
- Strong knowledge and experience in a variety of security technologies including: Advanced Malware Protection, Data Loss Prevention (DLP), SIEM, Log Management including Elasticsearch Logstash Kibana (ELK), Vulnerability Management, and possess a passion for Information Security and Technology.
- Sound knowledge of file system access control (NTFS & NFS).
- Familiarity with NetApp storage solutions serving NFS & CIFS.
- Able to prioritize in a fast moving, high pressure, constantly changing environment.
- Ability to communicate and collaborate across teams.
- At least one security certification (CISSP, GCIA, CISM, etc.).