The Security Engineer will be responsible for the confidentiality, integrity, and availability of all systems at Western Asset. This includes analysis and review of events escalated from our automated detection systems, analysis of traffic flows utilizing SIEM/IPS technology and other tools to detect malicious activity, and completion of tasks associated with security monitoring, detection, and incident response on an as-needed basis.
- Lead the efforts and assist with establishing a formal vulnerability assessment, remediation, and security risk management program.
- Monitor and research current industry security emerging threat metrics, technology best practices, security posture, tools, threat detection and countermeasures, and analysis, and formulate process improvements.
- Measure and communicate vulnerability management related risks to various stakeholders including business units, infrastructure organizations and management.
- Conduct and schedule regular vulnerability assessment scans, conformance reports and remediation plans.
- Maintain and coordinate security controls for Windows servers, workstations, Unix/Linux servers, and other infrastructure network services. This includes conducting system security reviews, patch management plans, risk mitigation and conformance plans.
- Monitor, analyze and respond to various suspicious security events (SIEM – IPS/IDS/Firewall/Proxy/VPN/AD, etc.).
- Assist in incident response related activities and support forensics and root cause analysis.
- Perform security project management and monitor the Helpdesk ticketing system for issues related to security.
- Research and evaluate new security technologies as needed.
Required Skills (minimum 4 years)
This role is highly technical, requiring at least 4 years of experience in vulnerability assessment and other information security engineering disciplines:
- Experience with security risk assessment, risk management, compliance, and security policy formulation.
- Experience in designing a vulnerability management lifecycle through process setup for vulnerability scanning, including scan iterations and frequency, the post-vulnerability-discovery process and the remediation support model.
- Experience with capturing business requirements, risk areas, and translating them into critical assets from a vulnerability standpoint.
- Experience with one or more of the following security vulnerability assessment and management tools (McAfee MVM, Qualys, GFI LanGuard, Nessus, Rapid7, WebInspect, AppScan).
- Experience with incident handling, management and computer forensics methodologies.
- Advanced knowledge and working experience with proxy and web content security filtering technologies.
- Excellent written, verbal, presentation, and communication skills.
- Strong understanding of TCP, UDP, security protocols, IP protocols and packet analysis.
- Experience with Microsoft Windows server and client administration.
- Experience in conducting formal penetration testing tasks (highly desirable).
- Experience and/or exposure to SIEM technologies including event correlation and syslog analysis.
- Experience with network firewalls, intrusion prevention systems, and network architecture.
- Experience with Linux and UNIX operating systems.
- Experience with mobile and smart device security and management framework.
- Project management background with good multitasking and prioritization skills.
- Prior financial industry experience is a plus.
Academic Qualifications (minimum requirements):
- A CISSP, GCFA, GCIH, CISA or CISM security certificate is required.
- Knowledge of standards, rules and regulations related to information security and data confidentiality (NIST, ISO 2700x, HIPAA, PCI).
- Strong analytical and problem-solving skills.
- College degree preferred.