Cyber / Network Security Engineer - Pelham Berkeley Search

High Profile mid-sized Asset Management Firm seeks Cyber / Network Security Engineer with strong Threat Vulnerability Management experience.

In a very hands-on capacity you will responsible for the support and administration of several core network security tools... interesting projects, very professional and high-end environment.

You will be responsible for the implementation, engineering, and management of security initiatives related to Threat Vulnerability Management and Network Security.

In summary:

• Work closely with Information Security to ensure a secure enterprise network environment through the enforcement of network security controls, threat and vulnerability management (TVM), and logging and monitoring for applications, servers and network devices through the SIEM process.
• Leverage and implement tools that automate and support Network Security, TVM and SIEM processes, helping to develop capabilities to early detect and quickly respond to potential cybersecurity breaches and incidents.
• Implement appropriate changes, updates, and upgrades in response to vulnerabilities and incursions; help to remediate audit issues.
• Support the process owners for Network Security, Threat Vulnerability Management and and SIEM by actively participating in risk assessments that target these processes. 
• Work with management to development of procedures and implement industry cybersecurity standards and policies 
• Participate in the organization and coordination of penetration testing.

Requirements include:

• Experience implementing Vulnerability Management solutions and relevant work experience with tools that provide vulnerability detection and reporting, logging and monitoring, and other cybersecurity solutions such as IPS/IDS, anti-virus and DLP. 
• Tenable Security Center (TSC) vulnerability scanning experience
• Working knowledge of next-gen firewall administration and configuration; some related Palo Alto Firewall administration (Panorama), network security, operations and management best practices preferred
• Endpoint management and best practices: McAfee Endpoint Protection, Carbon Black, and LogRhythm
• Good Project Management skills 
• Understanding of network design, infrastructure, Active Directory and Group Policy
• Knowledge of enterprise patching / updates is a must
• Scripting skills (Python,...)
• Working knowledge of security protocols, cryptography, authentication, authorization and security.
• Working knowledge in networking and protocols - BGP, OSFP, IP, WANs, LANs, NAT.
• Tools: Tenable Security Center, LogRhythm, Palo Alto Next Gen Firewalls, Cisco ASA Firewalls, Cisco ACS, Cisco ISE, Carbon Black Protect (Bit9), Carbon Black Response, McAfee Endpoint Protection, Wildfire Malware Analysis
• Completed Bachelor’s degree with Computer Science or related (math, engineering,...) course of study
• Preferred certifications or professional training: ITIL Foundation and any training with Palo Alto, Tenable/Nessus and/or LogRhythm

*This is a hybrid role onsite ~2 days per week in NYCTenable Security Center, LogRhythm, Palo Alto, Cisco ASA, Firewall, Cisco ACS, Cisco ISE, Carbon Black Protect, Bit9, Carbon Black Response, McAfee Endpoint Protection, Wildfire, cryptographyTenable Security Center, LogRhythm, Palo Alto, Cisco ASA, Firewall, Cisco ACS, Cisco ISE, Carbon Black Protect, Bit9, Carbon Black Response, McAfee Endpoint Protection, Wildfire, cryptography