The Information Security Lead Engineer designs, integrates, implements and monitors the firm's information systems security infrastructure.
In conjunction with Information Technology Operations personnel, leads the design, implementation and support of security measures including but not limited to:
Change auditing and monitoring systems
Document Management Systems
Privileged Account Management
Advanced Threat Defense
Data Loss Prevention
Leads the monitoring and investigation of security related activity identified in logs and alerts from those systems.
Evaluates proposed IT projects and emerging technology while making security recommendations to ensure the risk is controlled at an acceptable level.
Leads the analysis, resolution, and communication of cyber security problems and issues.
Performs various assurance and auditing activities to ensure that the security controls are designed and implemented appropriately.
Develops and maintains appropriate escalation procedures for the different types of alerts that the various monitored systems generate.
Evaluates threat intelligence feeds, vulnerability reports, security exploit reports, and other information security notices as needed and makes recommendations to internal management and technical staff to take precautionary steps.
Administers the reporting functions of security monitoring systems, assisting in the identification and creation of appropriate reports for delivery to management.
Interprets information security policies, standards, and other requirements and assists with their implementation.
Previous financial services, professional services or law firm experience desired.
Minimum 7 years of progressively advancing hands-on experience in Information Security field with track record of success,
Knowledge of or experience with ISO 27001 framework is desired.
Expert knowledge of information security methodology and tools such as access control, threat
intelligence, zero-day threats, incident response and vulnerability management tools.
Strong hands-on experience in Cyber Security engineering, network architecture and security assessment.
Ability to work in a team environment, as well as independently.
Strong analytical skills.
Attention to detail and ability to manage priorities.
Excellent communications skills (written and verbal).
Data privacy and other compliance experience are a big plus.