Senior Security Support Engineer
WILL WORK ONSITE 4X PER WEEK IN MIDTOWN!
About Us
Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers. Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job”, but rather look to develop valuable skills that ignite their passion and lead to a CAREER. If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training and experience necessary to build a lucrative career, then welcome to THRIVE!!
Position Overview
We are seeking a Senior Security Support Engineer focused on supporting and managing the security needs of our financial services clients. Responsibilities include ensuring tailored security solutions, overseeing customers' security platforms, and collaborating with clients to customize reports. The engineer will manage security tools such as ESET, Palo Alto Networks, Cisco Meraki, Netwrix, Mimecast, InfoSecIQ, Synack, Splunk, FortiSIEM, Sumo Logic, eSentire, SpecOps, Duo Security, Orca Security, and Zerofox. Additionally, the role involves documenting security processes, staying updated on security events and techniques, and co-managing security platforms. This position requires a proactive approach to security, strong client communication skills, and adaptability to evolving threats and technologies.
Primary Responsibilities
Take ownership of the security posture for a portfolio of financial services clients, ensuring the implementation and enforcement of security policies and standards
Spearhead the ongoing management and enhancement of our customers' security platforms to achieve optimal performance and security posture
Expertise in managing Crowdstrike endpoint protection and malware detection
Experience with Palo Alto Networks' firewall and security solutions
Knowledge of Cisco Meraki for cloud-managed IT solutions
Design, implement, and manage IAM solutions, enforcing least privilege principles and strong authentication/authorization mechanisms. Stay current on IAM best practices and emerging trends
Deeply understand and apply AWS security best practices (IAM, Security Groups, VPCs, KMS, CloudTrail, GuardDuty, etc.) to proactively secure AWS environments and ensure compliance
Develop and maintain security automation scripts (vulnerability scanning, log analysis, incident response) and integrate security into the SDLC using DevOps principles. Leverage scripting languages like Python or Bash
Implement and maintain security baselines for operating systems, applications, and network devices. Regularly review and update system configurations to mitigate vulnerabilities. Conduct security audits and assessments
Implement and manage PAM solutions to secure, control, and monitor privileged access. Enforce strong authentication and authorization for privileged users. Conduct regular audits of privileged access
Design, implement, and manage SIEM solutions to collect, analyze, and correlate security logs. Develop and maintain log parsing rules, alerts, and dashboards. Conduct in-depth analysis of security logs to investigate incidents and identify root causes
Familiarity with Netwrix for IT auditing and data security
Experience with Mimecast for email security and archiving solutions
Knowledge of InfoSecIQ for security awareness training and phishing simulation
Familiarity with Synack for crowdsourced security testing and vulnerability assessments
Proficiency in using Splunk, FortiSIEM, Sumo Logic, and Esentire for data analysis and security monitoring
Experience with SpecOps for password management and multi-factor authentication
Proficiency in using Duo Security for multi-factor authentication
Familiarity with Orca Security for cloud security and compliance
Experience with Zerofox for social media and digital risk protection
Collaborate with clients to understand their reporting needs and requirements and customize reports accordingly
Create and maintain materials documenting security processes, procedures, and technologies, along with generating automated reports for relevant stakeholders as needed
Stay abreast of security events and techniques to keep our clients aware of new threats and attack techniques
Other duties as required
Qualifications
Bachelor's degree in Information Technology or a related discipline is preferred, although an equivalent combination of education and relevant work experience will also be considered
A minimum of 5 years' experience in the information security industry, with demonstrated leadership and technical expertise
Extensive experience in information security, incident response, and offensive security strategies.
Ability to go onsite to customer’s NYC office 4 days a week
Solid understanding of network protocols, operating systems, application layer protocols, and security best practices
Understanding of cybersecurity threats, and experience with incident response standards and procedures
Proficiency in managing various security tools and platforms, including ESET, Palo Alto Networks, Cisco Meraki, and others
Experience in creating and maintaining security documentation and automated reports
Ability to stay updated on security events and techniques to keep clients informed about new threats and attack methods
Proficiency in SIEM and EDR technologies
Advanced knowledge of endpoint detection and response (EDR) solution
Ability to analyze large amounts of data from various sources to solve complex problems and make informed decisions
Excellent written and verbal communication skills
Ability to communicate security information to non-technical people
Demonstrates comprehension of good security practices
Experience supporting Microsoft/Azure security solutions (O365, 365, Sentinel).
Vulnerability discovery and analysis
Knowledge of risk assessment tools, technologies, and methods