Information Security Operations Engineer

• Title: InfoSec Operations Engineer
• Location: Manhattan - hybrid, 3 days on-site - (NOT REMOTE)
• Compensation: $140,000 - $240,000

Glocomms are partnered with a prestigious trading firm based in NYC to grow out their Security division. We're currently searching for an InfoSec Operations Engineer to join the team based in Manhattan (working hybrid 3-days onsite per week), to assist in areas of IAM, EDR/NDR, Secrets & Key Management, and Third-Party Risk Coordination, whilst ensuring a smooth running of the IT business operations.

Key responsibilities:

• Manage end-to-end user lifecycle activities, including RBAC, entitlement governance, and policy violation resolution using SailPoint IIQ, Okta (SSO, MFA, SCIM), and Keeper. Troubleshoot authentication and authorization issues and oversee quarterly access certification processes.
• Administer and fine-tune HashiCorp Vault, handling account provisioning, PKI/TTL policy enforcement, and driving adoption of security best practices.
• Operate and maintain Endpoint Detection and Response and Network Detection and Response solutions, ensuring configurations align with industry standards and best practices.
• Configure and manage Zscaler Internet Access and Private Access, including SSL inspection exceptions and continuous monitoring of system health.
• Monitor and triage incoming ticket queues, evaluate access and change requests, and approve or reject workflows in accordance with internal security policies.
• Lead third-party risk assessments by coordinating with external vendors and internal stakeholders, collecting evidence, tracking remediation efforts, and ensuring timely completion of assessments.
• Manage support ticket queues, lead status meetings and post-incident reviews, and ensure service level agreements are met while keeping stakeholders informed throughout the process.

Qualifications:

• Minimum 3+ years of professional experience in security operations, enterprise IT infrastructure, or engineering roles focused on identity and access management (IAM).
• Proficient in the configuration, deployment, and lifecycle management of at least three of the following platforms: SailPoint IdentityIQ, Okta Identity Cloud, HashiCorp Vault, Zscaler Internet Access, Keeper Security, Duo Security, AWS Identity and Access Management (IAM), and Microsoft Azure Active Directory.
• Strong grasp of authentication and authorization protocols including SAML 2.0, OAuth 2.0/OIDC, Kerberos, and LDAP, as well as core networking principles such as TCP/IP, TLS encryption, and DNS resolution.
• Operational familiarity with ITIL-aligned service management practices, including incident response, change control, and problem resolution workflows.
• Demonstrated ability to lead technical discussions with stakeholders, produce detailed post-incident documentation, and communicate complex security concepts clearly in both written and verbal formats.