- Job Title
- Security Engineer
- Job ID
Our client believes in the importance of a strong security culture and knows that protecting their competitive edge requires a groundbreaking approach and the resources to execute innovative techniques. Under the direction of the Chief Security Officer and with the funding and governance support from the Executive Committee, this team is pioneering a transformational, industry-leading three-pronged strategy, which includes:
- A fully integrated cyber, physical and staff security operation
- A complete overhaul of our technical and security environment, which will include migration to the cloud and major investments in next generation analytics
- An innovative dynamic defense operating model that is proactive, predictive, automated and intelligent
We are looking to hire a talented, entrepreneurial security engineer to bring this vision to life. Individuals who join the department’s transformative efforts will be on the forefront of the next generation of security and technology with vast opportunities for future growth.
The Security Engineer will be instrumental in safeguarding the mission-critical intellectual property for this world-renowned firm. The ideal candidate will be a proficient technologist with expertise in secure design, development and configuration of a broad range of infrastructure, application and cloud technologies. You will have the opportunity to collaborate with world-class technology delivery teams to capture and refine business and technical requirements as well as serve as an instrumental member of the development team implementing security controls, secure design and secure coding best practices. This role is closely aligned with the business and will take a hands on approach to assessing, architecting, and validating corporate initiatives and implementing risk mitigation controls. The Security Engineer is a strong technologist and a key consultant on security, working extensively with world class security individuals across the organization that push the fold of security and technology.
- Build relationships with application, infrastructure and cloud technology teams to deeply understand new technology initiatives
- Ensure new technology projects are built securely by providing security subject matter expertise to technology engineering teams
- Specifically ensuring the secure architecture, design, development, coding and configuration of new technology projects
- Engineer security into continuous integration and continuous deployment systems
- Perform granular infrastructure, infrastructure as code, application and cloud security reviews
- Identify technology project risks through risk assessments identifying threats, vulnerabilities, impact and likelihood
- Communicate to senior management the residual risk from mitigation strategies or risk acceptance
- Maintaining a high security bar through architecture and implementation of security controls at both enterprise and project levels
- Build strong cross-organizational relationships and effectively influence the security of the organization
Our ideal candidate will have a degree and 5 or more years of experience in secure design, security engineering and SDLC (Secure Development Life Cycle). In addition, you must be an excellent communicator and problem solver with the ability to convincingly articulate vision and strategy for complex and innovative technical undertakings.
- Proficient and passionate technologyist with subject matter expertise in information security
- Ability to engineer secure systems across a diverse range of infrastructure, application and cloud technologies.
- Identifying threat and attach vectors, communicating the need for security features and controls while balancing both business and security value
- Hansd on cloud security experience including architecting, engineering or administrating in AWS, Azure and Google (SaaS, PaaS, IaaS)
- Demonstrated ability to engineer security into full stack architectures on next-generation cloud and container platforms
- Secure coding experience analyzing source code for security vulnerabilities across broad range of software languages
- Ability to perform risk assessment and threat modeling exercises with technology engineering teams
- Detailed understanding of security industry standards and frameworks from OWASP, CIS and NIST
- Ability to analytically digest any issue/problem encountered and recommend an appropriate solution
- Ability to convincingly articulate vision and strategy for complex and innovative technical undertakings
- Ability to deal with ambiguity and make expert judgments in situations where no precedent exists
- Experience operating with modern software engineering methodologies such as Agile, Scrum, DevOps and DevSecOps
• Qualifications Preferred: CISSP, CCSK/CCSP, CISSP-ISSEP/ISSAP, CSSLP, SABSA SCF/SCP/SCM
• Cloud Qualifications Preferred: AWS Certified Solutions Architect, AWS Certified Developer, AWS Certified DevOps Engineer, AWS Certified SysOps Administrator, AWS DevOps Engineer, AWS Certified Security
This position is located just 45 miles from New York City and we have many employees that commute from Manhattan and the surrounding areas. In addition to carpooling, we also offer corporate transportation for employees and other resources to ease your work/life balance.
Blackmere Consulting is an equal opportunity employer (EOE/AA/M/F/Vets/Disabled/Protected Statuses)