Press ENTER to skip to the job description.
Cybersecurity Engineer

Cybersecurity Engineer
CT, Stamford

Job Description

We are looking for a Cybersecurity Engineer for a contract to hire position with our client in Stamford, CT. Please review the job details and send qualified resumes to mary.abraham@harveynashusa.com.

The ​Cybersecurity Engineer​ plays a critical role in safeguarding Enterprise Technology assets. This role will report to the VP of Cybersecurity & Network and be responsible to plan and carry out security measures to monitor and protect sensitive data and systems from infiltration, exfiltration, and cyber-attacks. The successful candidate is versatile, takes initiative, can manage multiple priorities at the same time, weigh risks and articulate security concerns and controls to technical and non-technical audiences. He/she must have a “security first” mindset, keep up to date on newly emerging threats and industry best practices around cyber security. 

Key Responsibilities:

·         Lead security-related projects from inception to completion. 

·         Participate in technical projects requiring Cybersecurity oversight and ensure policies, procedures and standards are met.

·         Recommend new solutions and make improvements to existing security controls that support and enable business innovation.

·         Conduct internal verification and validation testing of technology infrastructure to identify security gaps and weaknesses.

·         Develop and recommend necessary changes to the technology environment to ensure systems are compliant with regulatory requirements and privacy laws.

·         Assist with security configuration standards for systems and business applications.

·         Define and enforce Cybersecurity policies and procedures

·         Identity and Access Management

·         Privileged Account Management

·         Running audit reports and maintaining policy compliance

·         IaaS security oversight (AWS, GCP)

·         Follow standard best security practices and recommend security enhancements to management

·         Monitor security industry breach notifications and vulnerability alerts; Identify emerging risks to and escalate accordingly

·         Administer, update and configure Infrastructure cybersecurity tools, such as BeyondTrust, Carbon Black, Duo, Cylance, Tenable.io, SumoLogic, FireEye, Varonis

·         Monitor and respond to internal security alert notifications and escalations

·         Develop and maintain up-to-date cybersecurity processes and procedures

·         Manage an evolving vulnerability management program 

·         Vulnerability remediation

·         Manage web application scans for all Enterprise Technology and Media Technology groups

·         Evaluate and onboard third-party new security products and vendors

·         Mature and document a cybersecurity incident response program

·         Define and provide meaningful monthly metrics for executive visibility into cybersecurity KPI’s 

·         Actively streamline and simplify workflows and processes. Leverage automation and orchestration for improved efficiency and efficacy where possible.

·         Maintain an asset classification system to ensure that critical assets are identified and hardware inventory is maintained

·         Work with Infrastructure and Workplace Technology to ensure all new devices are hardened to company standards and industry best practices 

Qualifications:

·         10+ years of technical experience in Information/Cyber Security or Network Engineering with at least 5+ years of experience in a security role.

·         Bachelor/Masters degree in Cyber Security plus industry security certifications. CISSP and CEH preferred.

·         Direct experience and administration Privileged Account Management and IAM 

·         Knowledge of Kali Linux and penetration testing utilities 

·         Experience with Network and Systems Infrastructure

·         Moderate knowledge and experience with Cloud technologies (Amazon, Google Cloud)

·         Experience planning, researching and developing security standards and procedures

·         Event analysis capability, leveraging log sources and packet captures

·         Incident investigation and response skill set

·         Knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)

·         Knowledge of malware operation and indicators

·         Scripting experience a plus (Python, Bash, etc.)

·         Moderate to Advanced Knowledge of penetration testing techniques

·         Knowledge or Windows, Linux/Unix, IDS/IPS systems; Firewall and Proxy technology

·         Moderate knowledge of audit requirements (SOX, GDPR, PCI, HIPAA)

·         Strong organizational, communication, and interpersonal skills

·         Good attention to detail and follow-up skills

·         Experience in the Media and Entertainment industry a plus

Apply Now