IT Security Engineer

The New York Compensation Insurance Rating Board (NYCIRB) is a non-profit unincorporated association of insurance carriers. NYCIRB is licensed by the New York State Department of Financial Services as the official workers compensation rate service organization in the this capacity NYCIRB provides a variety of services to the workers compensation industry including data collection and analysis and the development of loss costs and rating values. These activities along with analytical tools research and customer focused services are intended to foster a stable and healthy workers compensation system in the State of New York.

The IT Security Engineer plays a critical role in safeguarding the organizations digital infrastructure. This individual is responsible for designing implementing optimizing security systems and maintaining the organizations cybersecurity infrastructure ensuring robust protection against evolving threats. The role is hands-on strategic planning engineering responding to threats and enforcing security protocols across networks systems and addition this position will provide mentorship to junior analysts and partners with IT compliance and business units to enforce strong security governance.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Security Architecture & Implementation
  • Design and implement comprehensive security architectures and solutions (e.g. firewalls intrusion detection/prevention systems endpoint protection SIEM EDR and zero-trust etc.) that protect the organizations information systems and data assets from a wide range of threats.
  • Implement and manage identity and access management (IAM) systems and user access controls.
  • Recommend configure manage maintain and optimize the NYCIRBs cybersecurity applications and tools.
• Monitoring & Incident Response
  • Monitor network endpoints cloud environments for irregular activity.
  • Respond to security incidents and conduct forensic investigations.
  • Maintain lead and test disaster recovery and business continuity plans.
  • Conduct root cause analysis and forensic investigations for major incidents.
  • Continuously improve incident response playbooks and automation.
• Compliance & Risk Management
  • Conduct risk assessments and vulnerability analyses on existing systems and networks recommending enhancements and ensuring timely implementation of security patches and updates.
  • Ensure compliance with internal policies and external regulations specifically NIST CSF 2.0 DFS 23 NYCRR part 500 and NY SHEILD act.
  • Develop and maintain vulnerability management systems across on-premises and cloud assets.
  • Lead remediation efforts and report findings to executive leadership.
  • Oversee patch management application control and endpoint security policies
• Training & Awareness
  • Lead internal security awareness programs and technical workshops to educate employees on cybersecurity best practices.
  • Provide mentorship and training to junior security and technical engineer personnel enhancing the overall security awareness and capabilities.
  • Stay current with emerging threats and industry trends recommending proactive measures to safeguard organizational assets.
• Collaboration & Reporting
  • Work closely with IT operations infrastructure and development teams to integrate security into all aspects of technology planning.
  • Collaborate with vendors and managed service providers for escalated incidents.
  • Report on security metrics incidents and risk assessments to senior leadership.
  • Partner with infrastructure application and DevOps teams to integrate security into CI/CD pipelines.
  • Provide regular updates to the CIO and board-level stakeholders on security posture and initiatives.
  • Develop and maintain security policies and procedures.

QUALIFICATIONS:

• 5 years of hands-on experience in cybersecurity IT security engineering
• Expertise in network security cloud security (AWS/Azure) zero trust and endpoint protection.
• Strong background in incident response vulnerability management risk assessment cryptography identity management and vulnerability management.
• Familiarity with security frameworks and standards (e.g. NIST CSF 2.0 ISO 27001).
• Demonstrated experience with tools such as enterprise CheckPoint Security Suite Azure Okta ThreatLocker and Microsoft 365 security controls.
• Proven ability to write clear concise and comprehensive technical documentation.
• Excellent communication and interpersonal skills to interact with both technical and non-technical stakeholders.
• Proven track record of leading security projects and influencing cross-functional teams.
• Ability to execute and lead projects accurately and quickly.
• Solid team player must be self-motivated and punctual.
• Must be responsible and detail oriented.

EDUCATION REQUIREMENTS:

• Bachelors degree in Information Technology Business Administration or a related field.
• Certification in Business Analysis (e.g. CBAP PMI-PBA) is a plus.

PHYSICAL DEMANDS AND WORK ENVIRONMENTS:

SALARY RANGE: