Cyber Security Platform

Remote

All we are looking for is someone who has worked on Endpoint security platform operations management and sustenance. He should also have some knowledge around anlyzing the system infections due to malware or AV infection. Please see the below email for full job description. I would suggest you to focus mainly on the key ask I have highlighted above and some of the key technologies as listed below.

Endpoint and Cloud Workload Protection (Windows Linux MacOS Mobile OS iOS etc.) through EPP EDR XDR CWPP (AWS Azure) Container Security MTD (Windows Defender Carbon Black CrowdStrike Fidelis Symantec Kubernetes etc.) platforms

Job Summary

Under the general supervision of the Chief of the Infrastructure & Operations Division the selected candidate will work in the Cyber Security Platforms section and report to the Section Chief.

The Cyber Security Platforms section at the Fund is responsible for the implementation and management of the platforms in the following areas:

Network and Cloud Infrastructure Security

Perimeter Server Database and Web Application Firewall Security

Identity Access Management (IGA PAM and Access Management)

Federation and Public Key Infrastructure

Infrastructure Vulnerability Remediation

Security Logs Infrastructure

Endpoint device security

The main responsibilities of this role include but are not limited to working in cooperation with the Cyber Security Platforms Section Chief in the configuration implementation and management of security tools enhancing security controls and procedures to ensure confidentiality integrity and availability of the organizations information proposing new and improved solutions to the Section Chief as needed for the following security services:

Endpoint and Cloud Workload Protection (Windows Linux MacOS Mobile OS iOS etc.) through EPP EDR XDR CWPP (AWS Azure) Container Security MTD (Windows Defender Carbon Black CrowdStrike Fidelis Symantec Kubernetes etc.) platforms

Database Security (IBM Guardium Oracle Data Safe etc.)

SIEM Security Log Management and file integrity monitoring (Splunk LogRhythm Sentinel etc.)

The role works in close collaboration with the Information Security and Governance (ISG) Division on implementing secure standards and baselines aligning with reference security architectures and patterns and supporting monitoring and security incident response needs of the Cybersecurity Security Operations Center.

Minimum Qualifications

Handson extensive experience in security engineering cybersecurity architecture host/endpoint technologies network detection incident response and investigations or IT tool deployment

Has knowledge of and experience with responding to the latest attacks/exploits zeroday vulnerabilities and risks within the cybersecurity realm.

Knowledge of Security Orchestration and Automated Response solution to enhance security toolsets.

Sound problem resolution judgment negotiating and decisionmaking skills.

Experience with capacity monitoring and automated scaling solutions.

Knowledge of DevSecOps model Automation of security integration with application code deployment (Azure DevOps Jenkins Maven Git Nexus etc.)

Experience with automation/management frameworks

Experience in Scripting languages (PowerShell Python Perl Bash etc.)

Understanding of best practices for Public Key Infrastructures and certificate/key management

Major Duties and Responsibilities

Supervises project and operational work such as the upgrade of Security Technology stack and introduction of new software and hardware.

Works closely with the MSP to measure output against SLAs for services they provide.

Collects tracks and reports on various Security Services SLAs/metrics/KPIs/KRIs

Supports the development of tactical level technical requirements architectural designs and procedures for the deployment of security tools and solutions within Fund environments; to include but not limited to tool selection placement integration with other tools configuration and testing.

Designs and configures onprem and cloud security tools (e.g.Endpoint Protection SIEM Database Security tools) and solutions for deployment.

Develops business cases for new and existing security tools and technologies; to include but not limited to alignment with reference architectures configuration guides tool applications health status checks management guides and test plans.

Ensures the soundness of an integrated security solution identifies gaps and adjusts solution designs to local environments.

Stays informed of attack trends zeroday vulnerabilities methodologies and risks within the cybersecurity realm.

Creates and maintains technical documentation develops processes and procedures for security tools and systems and actively reviews current SOPs and documentation for areas of improvement.

Uses Security Orchestration and Automated Response solution (SOAR) to enhance security toolsets .

Participates in incident response/investigation activities led by the Cybersecurity Operations Team and if needed leads MultiUser nonsecurity Incidents (MUI) work to resolve problems.

Performs evaluation of the core requirements handles complex tactical planning and takes initiative to implement encryption and security.

Provides guidance and training to noninformation security staff personnel on Information security controls procedures and processes

Contributes to activities of security task force and reviews work of MSPs to ensure adherence of security standards and procedures.