Security Risk Engineer in New York, NY at Open Systems Technologies

Date Posted: 11/16/2019

Job Snapshot

Job Description

A multinational banking and financial services company is currently seeking a Security Risk Engineer to join their team in New York. 

Responsibilities:

  • Coordinate and perform security audits and vulnerability assessments to assess internal security procedures and compliance requirements
  • Work with various internal teams to ensure security controls are implemented at all significant and relevant phases of IT processes
  • Ensure IT systems are compliant with applicable regulations, group policies, codes and industry guidance, e.g. performing gap analyses between standards such as SANS Top 20, NIST 800-53, ISO 27001, and SMBC Information Security Framework
  • Collate and quality assure data provided to other departments such as Risk Management and Internal Audit
  • Review security event log data and investigate anomalies
  • Perform monitoring activities and risk assessments
  • Respond to, and where appropriate, resolve or escalate reported security incidents
  • Manage security related events and tracking of remediation process
  • Implement and support information security solutions including security architectures, change/configuration management, and the integration of security products as needed
  • Develop and maintain documentation for security systems and procedures and processes. Develop security awareness training for new employees
  • Participate in information security working groups
  • Perform testing to evaluate new products for network and system security controls
  • Maintain logging and monitoring standards, technical investigative techniques and reporting
  • Maintain project scheduling and task follow on security initiatives

Skills: 

  • Must have a Bachelor’s degree in Computer Science or related field
  • 7+ years of of relevant experience in IT Risk and Security including:
    • Cyber-security solutions and protection
    • System vulnerability tools
    • Security monitoring tools
    • Application security risk assessment tools
    • Creating effective technical educational programs
    • Performing gap analyses within different environments coupled with an in depth understanding of regulatory guidelines as well as standards and best practices related to ISO and NIST.
  • Any of the following certifications is a plus: SSCP, CISM, CISA, or CISSP
Job category:
  • Information Technology
Job keywords:
  • IT Security
  • Cybersecurity
  • Information Security
  • Developer