Overview

This is a technical position where the candidate will manage, provide technical support, implement, maintain and troubleshoot all security products used by the Firm. The candidate must have significant hands on experience with security technologies and solutions. The candidate will also perform daily investigation of security incidents, security assessments and audits.

Responsibilities

• Manage Intruder Detection sensors, firewalls, Anti-Virus, Web Filtering Solutions, DLP, IPS/IDS, NAC, DDOS protection, third-party remote access, application white listing solutions, endpoint detection and response solutions.
• Manage Security Incident and Event Management systems (SIEM).
• Manager and investigate all security events until resolution.
• Manage privilege account management systems.
• Conduct technical security audits and perform risk assessments.
• Conduct firewall, network and systems configuration change and audits.
• Perform vulnerability scans on networks, servers, systems and applications.
• Create weekly security reports including keeping track of information security metrics.
• Work with consultants and third party vendors as it relates to security services they provide.
• Participate in project reviews of information security architectures associated with each initiative.
• Research and test new security technologies.
• Manage and maintain a good relationship with third party security vendors that support Milbank (MSSP, SOC and others).
• This is a remote position.

Qualifications

• 5-7 Years’ experience in IT Security
• Bachelor Degree in Computer Science or Information System or significant work experience
• Certifications are plus: CISA, CISM, CISSP, GIAC GSEC, PCNSE
• Extensive knowledge of security best practices in regards to computer systems, networks, telecommunication and all associated hardware.
• Very strong analytical approach to problem solving and solution development.
• Must be passionate about security and strive to ensure the Firm is protected against evolving cyber threats.
• Must be a professional with customer satisfaction oriented mindset, creative and be able to balance security with business objectives..
• Must be able to work well in teams.
• Must be able to think outside of the box and go beyond traditional security.
• Must be able to work with Director of Information Security in providing accurate and timely information and closely follow his direction.
• Ability to manage multiple projects and support functions.
• Ability to work in a fast paced and dynamic environment.
• Ability to travel when necessary.
• Must be available to report for work on regularly scheduled days and off hours when required.
• Must be available to take emergency off hour calls during security incidents.
• Strong analytical, communication and interpersonal skills.
• Must be able to quickly identify root causes specially during security incident investigation.
• Must be able to create accurate and detailed project plans and complete them in timely manner.
• Excellent documentation skills and capable of creating comprehensive security documents such as standard operating procedures, guidelines and architecture diagrams.
• Able to fully perform the job function with minimum supervision.

• Experience with following technologies:
  • Cisco network devices
  • In depth experience with Palo Alto firewalls with all the features available in the product
  • Palo Alto Prisma
  • Micro segmentation technology – Illumio, NSX or others
  • SIEM products such as Microsoft Sentinel or others
  • IDS & IPS (Vectra AI, Snort, Suricata, AlienVault, or others)
  • Endpoint security products – CB Application Control, Microsoft Defender and Defender ATP.
  • Vulnerability scans and penetration test using Nessus, Tenable, Rapid7 Nexpose, Cobalt Strike or others..
  • Open source security tools (Kali Linux, Metasploit, Nmap, PowerShell Empire, Kerberoast, TrustedSec SET and others) and network traffic analysis
  • Vulnerability management with Tenable IO, Rapid7 Nexpose, Qualys or others
  • Windows operating systems, Active Directory, DNS, DHCP, Microsoft SQL
  • Linux operating systems (Ubuntu, CentOS RedHat)
  • Windows Servers and Workstations Security
  • Scripts (python, VB, Powershell and others)
  • Privilege Account Management Solution (CyberArk, BeyondTrust or others)
  • Microsoft M365 E5 security products and Azure

• Experience with following technologies are plus:

• Windows 10 Security (Credentials Guard, Application Guard and others)
• Authentic8 Silo and other isolating browsers
• E-mail protection solutions such as Mimecast, Proofpoint, Exchange Online and others
• DLP products – Exchange Online DLP, Microsoft Endpoint DLP, Microsoft Azure Information Protection
• Third Party vendor remote access solution – Securelink, BeyondTrust or others
• Forensics analysis using Guidance Encase platform or open source tools
• Cloudflare
• Deception Technology (Illusive or others)
• Forescout
• Vectra AI