Lead Security Engineer
Location: Chicago/New York
Salary: $150,000 - $200,000 DOE
Responsibilities
You will improve the security and safeguard the firm and will be working closely with our engineers to design and plan all future improvements across our network. Ideally we are looking for someone who can bring best practices and will be responsible for setting policies to perform penetration testing of our technology while strengthening our detection and response capabilities.
Other responsibilities
- Identify, prioritize and implement security improvements that maximize security and protect the firm
- Improve network monitoring, creating analytics from security logs and be best prepared for incident response
- Identify vulnerabilities, threats, and risk exposure and implement the most optimal solution
- Perform penetration testing on enterprise networks and systems
- Design, test and implement secure internet and connectivity worldwide
- Implement internal controls and hardened linux machine configs and working with other system engineers
- Develop and document our cyber security standards
- Articulate and translate security risks and vulnerabilities into practical solutions
Qualifications
- An undergraduate or an advanced degree in a quantitative field such as Computer Science, Engineering or one of the hard sciences
- 6+ years of experience in IT Security
- Experience reviewing and verifying the security configurations of Cisco or Arista network devices such as web and email filters, firewalls, routers, and switches.
- MUST be familiar with Palo Alto networks and Fortigate
- Deep understanding of TCP/IP, OSI model, and component and system dependencies concepts
- Must have demonstrated knowledge of vulnerability management policies and procedures
- Knowledge about the functions of various security infrastructure, including firewalls, intrusion prevention systems, Proxy Servers, IPsec and SSL VPNs, etc.
- Experience developing security tools with Python
- Familiarity working in a Linux environment
- Information System Security Certifications (Security+, CISSP, etc.) is a plus