Fulltime Cloud Security Analyst openings in New York, United States on September 20, 2022

Cloud security analyst at CyberCoders

Location: New York

If you are a Cloud Security Analyst with experience, please read on!

What You Will Be Doing

You will identify, assess, and present options for meeting the functional, technical, and compliance requirements for cloud solutions.

Communicate complex information in a well-organized manner through verbal, written or visual means across various internal and 3rd party teams .

Collaborate with team members in-person and remotely. Work closely with different business functions to ensure monitoring, logging, and auditing of relevant events and assisting in automation of security controls.

What You Need for this Position
• At least 2 years of experience with :
• AWS / Azure
• Cloud Security
• Identity management services and processes
• Developing and documenting processes
• Experience with compliance frameworks

What’s In It for You
• Salary : $100,000-$130,000
• Fully covered benefits for individual and family
• 401k Match up to 6%
• Fully remote

Benefits
• Vacation / PTO
• Bonus

So, if you are a Cloud Security Analyst with experience, please apply today!

Colorado employees will receive paid sick leave. For additional information about available benefits, please contact Shay Watson

Email Your Resume In Word To

Looking forward to receiving your resume through our website and going over the position with you. Clicking apply is the best way to apply, but you may also :

Shay.Watson CyberCoders.com

Please do NOT change the email subject line in any way. You must keep the JobID : linkedin : SW6-1702148 in the email subject line for your application to be considered.

Shay Watson – Executive Recruiter – CyberCoders

CyberCoders, Inc is proud to be an Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or any other characteristic protected by law.

Your Right to Work In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

CyberCoders will consider for Employment in the City of Los Angeles qualified Applicants with Criminal Histories in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring (Ban the Box) Ordinance.

Last updated : 2022-09-20
Apply Here
For Remote Cloud security analyst roles, visit Remote Cloud security analyst Roles

********

Manager, Cyber Security at KPMG

Location: New York

Business Title: Manager, Cyber Security – Google Cloud

Requisition Number: 7367- 66

Function: Advisory

Area of Interest: Cyber

State: NY

City: New York

Description:

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today’s most important industries.
Our growth is driven by delivering real results for our clients.

It’s also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities.

With qualities like those, it’s no wonder we’re consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc.
and others. If you’re as passionate about your future as we are, join our team.

KPMG is currently seeking a Manager, Cyber

Security – Google Cloud – to join our Cyber Security Consulting practice

Responsibilities:
Driving

Cloud Transformation projects at industry leading clients using Google Cloud

Platform services

Executing

on Google Cloud security engagements during different phases of the lifecycle -assess, design, and implementation.

Drive

enterprise focused security improvements to Google products and services.

Implementation

of industry leading practices around cyber risks and Cloud security for clients

Assisting

clients with transitions to the Cloud from existing on-premise environments or

multi-cloud environments.

Lead

and develop Whitepapers / Point of Views (PoV) and other technical materials.

Design,

implement, and manage DevSecOps capabilities in Google cloud offerings using

CI/CD toolsets and automation

Lead

and mentor teams of Cloud architects and engineers

Qualifications

A

minimum of five years of relevant cloud experience

Bachelor’s

Degree or equivalent work experience

Experience

with Google Cloud security services such as Cloud Security Command Center,

Cloud Armor, Chronicle Google Key Management, Event Threat Protection, Beyond

Corp

Experience

on building Google Identity Solution (G-suite, Cloud Identity) and Integration

with various federation tool.

Excellent

writing and verbal communication skills

Strong

project management and organizational skills

Google

Cloud Architecture, Engineering, DevOps, and/or Security certifications

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring.

All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws.

The attached link ( ) contains further information regarding the firm’s compliance with federal, state and local recruitment and hiring laws.
No phone calls or agencies please.

KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law.
In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).

GL: 4

GF: 15304
Apply Here
For Remote Manager, Cyber Security roles, visit Remote Manager, Cyber Security Roles

********

Info Security Analyst-Expert at Mitchell Martin Inc

Location: New York

Our client, one of the largest financial services firms, is seeking an Info Security Analyst-Expert

Location: New York, NY
Position Type: Contract

Who are we looking for?

We are looking for application security operation members to help with Level 2 support of the application security tools and services.

What the role will cover:
• Provide level 2 support for the application security tools and services.
• Help with identifying the root cause.
• Collaboratively working with the users, operation team, and engineering team to resolve issues.

Job Skills/qualification:
• Expertise with DevOps, CI/CD and agile methodology
• Experience with application security capabilities and tools.
• Expertise in a major programming language such as Java or Python, and associated tooling (Git, Maven, IDEs, Jenkins, Bitbucket etc.)
• Experience of k8s and container technologies such as Docker, Podman and Openshift
• Good oral and written communication skills
• Experience of security fundamentals and Blackduck, Checkmarx tool is a bonus.
Apply Here
For Remote Info Security Analyst-Expert roles, visit Remote Info Security Analyst-Expert Roles

********

Lead Cyber Security Specialist at Sigma Computing (hiring!)

Location: New York

Sigma is SaaS, next-generation business intelligence and data exploration platform that is changing the analytics landscape. Sigma offers a spreadsheet-like interface that enables all decision makers to securely analyze up to billions of rows of live data with the unlimited scale and speed of the cloud. With Sigma, everyone can quickly answer their own questions to make and visualize accurate, data-driven decisions. This is an exciting time to join a world – class company and team. We are growing rapidly.

About The Role

Sigma Computing Cyber Security team proactively identify, analyze, and mitigate risks, respond to and manage security incidents, and protect Sigma infrastructure and operations. Reporting to the Head of Information Security, the candidate will lead the security initiatives, incident response activities, mentor/guide the security team around information security matters and help mature Sigma threat detection & prevention efforts. Your focus is on bringing Security expertise to the table in a collaborative, humble, and practical manner.

We are looking for the SME who have the passion to build a world-class Enterprise cyber security team. You will be part of a talented team of engineers with a shared mission to make Sigma secure and will be working on the latest technologies stack.

What You Will Be Doing
• Support cybersecurity risk program strategy and projects. Identify cyber risks and drive business security requirements across Sigma.
• Stay abreast of the latest security risks and disclosures and ensure Sigma infrastructure is sufficiently protected.
• Represent the organization as a Subject Matter Expert in security requirements.
• Lead the Security Engineering organization, focusing on piloting and developing new security solutions to address critical risks.
• Manage, Implement, Support technologies like CASB, WAF, IAM, Malware Analysis, SIEM, Email Security, Vulnerability Management.
• Lead, mature and maintain End-point, Network and Cloud infrastructure security.
• Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical expertise for the administration of security tools.
• Lead, mature, and maintain operational components of the cybersecurity incident and response program.
• Collaborate with various stakeholders to complete cyber risk assessments and plan remediations.
• Help to mature Sigma’s investigation and response capabilities and ability to respond effectively to security events.
• Build Blue / Purple Team to mature the Sigma threat detection capabilities.

Requirements
• Bachelor or Master’s degree in the relevant field.
• Minimum of 7 years of experience in Information Technology, specifically information security, while demonstrating a steady growth of skills and responsibilities required.
• Experience in leading the Cyber security initiatives, teams and mentor the team members. Proven experience in NIST, cybersecurity, MITRE ATT&CK, implementation, and red teaming.
• Experience in incident response including host and cloud forensics, incident management, threat intelligence, threat hunting, and/or security detection.
• Hands-on experience managing complex security efforts with minimal disruption to ongoing operations .
• Hands on Security Tooling experience – DLP, Vulnerability Management, Malware Detection/ Analysis, SIEM, Privilege Access, DAST, WAF, IPS/IDS, Firewall, Email Security, CASB, URL Filtering, Container Security etc.
• Experience in AWS, GCP or Azure, Kubernetes, Terraform or other IAC
• Experience automating security detection and response using scripting or other means.
• CISA, CISM, CISSP certification or comparable IT security accreditation preferred.
• Strong organizational and project leadership skills
• Leads by example and takes ownership of decisions

Note: The world around us is changing, but we at Sigma Computing are growing and scaling. We raised our Series C in Dec 2021. With that, and us being able to 3X our revenue year on year, hiring and building out the best version of our product is priority. That is why we want to talk to you.

About Us

At Sigma Computing, our mission is to empower everyone to make the best possible decisions at every turn by removing the barriers that prevent people from analyzing data across sources and delivering the full spectrum of self-service cloud analytics and business intelligence.

We recently announced a $300M Series C raise from Co-Leads D1 Capital Partners and XN, Existing Investors Sutter Hill Ventures and Altimeter Capital, and Snowflake Ventures.

Come join us to help us be smarter and grow together!

Benefits For Our Full-Time Employees
• Equity
• Generous health benefits
• Flexible time off policy. Take the time off you need!
• Flexible schedule, do the work you need to get done in the time you have to get it done
• At least 12 weeks of paid bonding time for all new parents
• Traditional and Roth 401k
• Commuter and FSA benefits

Sigma Computing is an equal opportunity employer. We are committed to building a smart and strong team regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We look forward to learning how your experience can enable all of us to grow .

Note: We have a hybrid work environment.We have safely reopened our office in SF and are following city and CDC guidelines. And our NYC office is close to ready for occupation!
Apply Here
For Remote Lead Cyber Security Specialist roles, visit Remote Lead Cyber Security Specialist Roles

********

Cyber Security Analyst at Tetra Tech

Location: New York

We are looking to hire a remarkable Cyber Security Analyst to join our diverse team at Tetra Tech in Richmond, KY.
Growing your career as a Full Time Cyber Security Analyst is an awesome opportunity to develop excellent skills.
If you are strong in planning, communication and have the right mindset for the job, then apply for the position of Cyber Security Analyst at Tetra Tech today

Tetra Tech, Inc. has an opening for a Cybersecurity Specialist (IT Systems Analyst II) at the Blue Grass Army Depot’s Chemical Activity (BGCA), in Richmond, KY. This position will provide information systems security support to BGCA’s information systems security specialist with responsibility for providing operational and technical advice to the Information Management Office (IMO), while supporting the unique Chemical Weapons destruction mission. The successful candidate will be required to possess and maintain certifications IAW DOD Directive 8570.01M / DOD 8140.01 Cyberspace Workforce Management IAM-I, Microsoft 10 or Microsoft Desktop Administrator Associate certification, and COMPTIA Security+. Ability to obtain and maintain an active NAC (Secret Clearance) is required.

Discover your full potential. At Tetra Tech, we are collaborating with industry-leading experts for a sustainable future for our world. We combine consulting and engineering with advanced analytics and technology to solve the world’s most complex challenges. Our innovation hubs across the globe will enable you to share ideas and best practices while growing your professional network. Wherever you are in your career journey, you will benefit from working with world-class engineers, scientists, and technical specialists.

Apply today and join the company that is Leading with Science®.

Your Role :

• Complete work involving the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems, security programs, policies, procedures, and tools.
• Conduct information security studies and analyses.
• Provide technical advice and solutions to the government information systems security specialist and the Information Management Office (IMO) in matters relating to information systems security.
• Assist in the development of IA policies and procedures.
• Promote awareness of security issues to endure sound security principles are reflected in IMO vision and goals and ensure the rigorous application of information security/information assurance policies, principles, and practices in the delivery of all IT services.
• Conduct risk and information assurance vulnerability assessments (IAVAs) of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Assist in the development of recommendations and corrective actions and determine efficient means to comply.
• Assist the Information System Owner (ISO) and Information System Security Manager (ISSM) in the registration of IT systems into the Enterprise Assurance Support Service (eMASS) in accordance to DoD Risk Management Framework (RMF).
• Review new information security hardware and software polices/procedures, evaluate network security tools, and develop and/or modify network security test.
• Perform extensive research and study of IA reports and publications and maintain up-to-date knowledge of IA procedures, requirements and best practices.
• Perform other duties as assigned.

Occasional travel for training or attendance at information security/information assurance conferences, meetings, or presentations may also be required.

Qualifications :

Must have an Associate Degree or higher in an IT-related field, IT Security preferred.
• The ideal candidate will possess knowledge of:
o DOD and DA policies, procedures, regulations, directives and requirements as it relates to information security. This knowledge is used in development of guidance and procedures for the installation, to identify vulnerabilities, and to assess potential security violations or problems.
o IT security principles (network, security, and network security architecture) and methods; and IT security products and services sufficient to evaluate, recommend the acquisition of, implement, and disseminate IT security tools, procedures, training and practices to protect information assets.
o Programming techniques (associated with security tools), automated data processing (ADP) equipment characteristics, system and network software characteristics, DOD, DA, NETCOM, and Information Assurance/information system security regulations and standards to evaluate the effectiveness of systems, devices, procedures, and methods used to safeguard all automated systems, classified and privacy data in computer accessible media.
o Mission and functions of the Army organization, work processes and subject matters to ascertain sensitive information areas, which sections require special alterations, and to advise, evaluate, and implement security-related matters/issues.
o Telecommunications and computer hardware and software to protect systems from viruses, data tampering, and unauthorized system entry.
• Must possess COMPTIA Security+ certification
• Must possess Microsoft 10 or Microsoft Desktop Administrator Associate certification
• Must possess or be able to obtain within 60 days of hire, certifications IAW DOD Directive 8570.01M / DOD 8140.01 Cyberspace Workforce Management IAM-I within 60 days of assuming this position.
• Must possess or be able to obtain within 60 days of hire, Security+ certification.
• Must possess a valid motor vehicle driver’s license.
• Must be able to obtain and maintain, at a minimum, a Secret Security Clearance.
• Employee may be recalled to work site and/or required to work outside of regular duty hours, which may include evenings, weekends, and/or holidays.

About Tetra Tech:

Tetra Tech combines the resources of a global, multibillion-dollar company with local, client-focused delivery in more than 450 locations around the world. Our reputation rests on the technical expertise and dedication of our employees-21,000 associates working together to provide smart, scalable solutions for challenging projects. We are proud to be home to leading technical experts in water, environment, infrastructure, resource management, energy, and international development.

Explore our open positions at Follow us on social media to learn more about our people, culture, and opportunities:

LinkedIn: @TetraTechCareers

Twitter: @TetraTechJobs

Facebook: @TetraTechCareers

Tetra Tech is proud to be an Equal Opportunity Employer. Diversity, inclusion, and equity are among Tetra Tech’s core values. Throughout our history, the company has prioritized equitable inclusion of all people. All qualified candidates will be considered without regard to race, color, religion, national origin, military or veteran status, gender, age, disabilities, sexual orientation, gender identity, pregnancy and pregnancy-related conditions, genetic information and any other characteristics protected by the law. We invite resumes from all interested parties. Please visit our website at to see the array of diverse services and exciting projects we are currently working on.

Tetra Tech is a VEVRAA federal contractor and we request priority referral of veterans for available positions.

We thank all applicants for their interest, however, only those candidates selected for interviews will be contacted.

Please no phone calls or agencies.
Company Benefits:
● Learning opportunities
● Advancement opportunities
● Advantageous package
Apply Here
For Remote Cyber Security Analyst roles, visit Remote Cyber Security Analyst Roles

********

Junior Cybersecurity Analyst at Align Communications

Location: New York

Security . New York, New York ” Why Align For over three decades, many of the world’s leading firms have relied on Align as a trusted IT solution provider and center of excellence in IT advisory, infrastructure design, build, delivery and managed services. We are actively seeking innovative minds to establish and strengthen our team to deliver high-quality state-of-the-art technology solutions for our enterprise and boutique clients. If you are seeking to own challenging projects under tight schedules for some of today’s most fascinating companies while leveraging an exceptional team and long track record of success, then we want to hear from you today. Position Overview Align seeks a candidate with a passion for cybersecurity. Ideal candidates will have at least a Bachelor’s degree with some concentration in cybersecurity. Additionally, the candidate will have a minimum of 1-2 years of work experience in cybersecurity, preferably with regard to compliance, operations and/or governance. The Cybersecurity Analyst will work under the guidance of Align’s Managing Director of Cybersecurity and/or its CISO. This is a learning opportunity for someone looking to develop deeper expertise in cybersecurity governance and compliance. This individual must be both informed about, and conversant in, the field of cybersecurity generally, up to date on trends in the industry and interested in maturing their knowledge of enterprise cybersecurity. Candidates must have, and be able to demonstrate (and explain during the interviewing process), a high-level of organizational, writing and project-management skills, sufficient to work on numerous engagements at once, managing deadlines, deliverables and quality of work-product. The Cybersecurity Analyst will be a hybrid role based out of our New York City office. This person should expect to work in the office or at client sites one or two days a week. The other three to four days will be work from home. Minimal travel may be required This is a full-time position offering full benefits, a competitive salary, paid training and performance-based bonuses Responsibilities Assist cybersecurity managers in analyzing, reviewing, and evaluating the cybersecurity controls, policies and procedures of Align clients. Assist cybersecurity mangers in delivering cybersecurity assessments and gap-analyses of client’s network infrastructure and systems. Oversee, schedule and manage multiple, ongoing client cybersecurity projects (e.g., assessments, program manuals, incident response reports and other deliverables) to clients. Manage all client reports and reporting deliverables by updating client portals and/or otherwise generating and delivering all of the reporting included with Align cybersecurity solutions. Coordinate all cybersecurity security awareness training services and deliverables to clients. Evaluate and assess different security technologies to appropriately expand Align’s cybersecurity offering. Assist with business solution proposals and sales presentations. Contribute to thought leadership by helping to author informational white papers and conducting training sessions with new products/technologies to increase the Align knowledgebase. Ongoing learning and continually staying abreast of relevant industry updates and changes via conferences, training and events. Develop and maintain security tools, techniques and procedures to facilitate security testing, vulnerability detection, validation and mitigation. Work with CISO to continually improve Align’s internal security posture and provide hands-on cybersecurity support to address IT security issues as needed Collect, report, and continually enhance security metrics. Qualifications Bachelor’s degree in computer science, computer engineering or related field with a concentration in cybersecurity 1-2 years of relevant cybersecurity work experience in enterprise cybersecurity. Experience can be in any discipline of cybersecurity, with a preference for incident response Master’s degree in computer science, computer engineering or related field with a concentration in cybersecurity is a plus Any relevant cybersecurity work experience with knowledge or product expertise in either security testing; security integration and governance; malware analysis; incident response; cloud security or risk and compliance Able to contribute to the development of security standards, access controls and compliance requirements based on industry standards and compliance one or more of the following is preferable is preferable: ISO27001, NIST Cybersecurity Framework, PCI-DSS-DSS, FINRA, SEC Basic understanding of data security (classification, encryption, DLP) is a plus Ability to create, maintain and report metrics that measures effectiveness of security controls is a plus Interest in obtaining industry certification – CISM, CISSP or similar industry recognized certifications within the next 2-3 years Ability to work independently and as part of a team Basic knowledge and experience with one or more one or more IT security technologies including firewalls, IPS, SIEM, DLP, network/host protection, application security and data protection (DLP, encryption) Able to travel from time to time with limited notice (mostly regional) Solutions-oriented with an aptitude for solving problems and acting on own initiative Highly motivated with a willingness to learn new technologies and be a hands-on engineer Effective communicator with a positive and confident attitude Excellent writing skills with the capability to create well-formatted reports and client-facing documentation Excellent consultative skills with experience preparing business solution proposals and presenting them to senior executives Team player with strong collaboration skills and a flexible approach to problem solving About Align Align is a dynamic and flexible place to work, offering professionals unparalleled opportunities to train in the leading technologies, make an impact within the industry and control their own destinies. We have a flawless track record of delivering technical solutions and have established long-standing relationships with an impressive client list of both Global 1000 and SMB clients. We work across a diverse list of industries including financial services, life sciences (pharmaceutical and health care), retail, technology, media and telecommunications. We give our professionals the autonomy to pursue opportunities and manage assignments in ways that maximize their creativity and talents, leading to self-fulfillment and financial rewards. For more details, visit www.align.com PM20 Tier 2 PI190932764
Apply Here
For Remote Junior Cybersecurity Analyst roles, visit Remote Junior Cybersecurity Analyst Roles

********

Senior Threat Hunting Analyst at CLEAR

Location: New York

Founded in 2010, CLEAR’s mission is to create frictionless experiences. With more than 12+ million members and hundreds of partners across the world, CLEAR’s identity platform is transforming the way people live, work, and travel. Whether it’s at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you – making everyday experiences easier, more secure, and more seamless. Since day one, CLEAR has been committed to privacy done right. We are looking for a Senior Threat Hunting Analyst to join our team. The ideal candidate has a strong drive to solve security challenges and the desire to implement best-in-class security measures using cutting edge technology. The right person for this role has a proven track record of delivering high-quality security solutions in a scaling environment. What You Will Do: Implement new detection capabilities and improve upon existing security tools and playbooks Review audit logs and identify/audit behavior Create and disseminate summary reports, investigation reports, and threat briefs Recommend remediation activities to secure the source or initial point of access of intrusion Collaborate with threat intelligence support teams to mitigate risk from contact and horizon threats Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks Develop and execute custom scripts to identify host-based indicators of compromise. Determine scope of intrusion identifying the initial point of access or source Provide executive level cyber security strategic recommendations along with security engineering recommendations and custom solutions to counter adversarial activity Develop analytics to correlate IOCs and maximize threat detection capabilities based off defense analysis processes. Conduct analysis of network traffic and host activity across a wide array of technologies and platforms Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts. Compile detailed investigation and analysis reports for internal SOC consumption and delivery to management Develop detection techniques and countermeasures in response to threat actor tactics, techniques, and procedures (TTPs) Analyze network traffic, IDS/IPS events, packet capture, FW logs, malicious campaigns and evaluate the effectiveness of security technologies Provide expert analytic investigative support of large scale and complex security incidents Support the incident response team by providing advanced analysis services when requested to include recommending containment and remediation processes, independent analysis of security events Perform Root Cause Analysis of security incidents for further enhancement of alert catalog. Review alerts generated by detection infrastructure for false positive alerts and modify alerts as needed Provide forensic analysis of network packet captures, DNS, proxy, vpcflow, malware, host-based security and application logs, as well as logs from various types of security sensors Provide executive level cyber security strategic recommendations along with security engineering recommendations and custom solutions to counter adversarial activity Who You Are: Bachelor’s degree in Computer Science, Information Systems Management, Engineer or related field; equivalent experience considered 6 to 10 years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage and identification Highly desired: Certifications such as OSCP or other recognized pentesting or threat hunting certs Knowledge and experience with digital forensic processes, chain of custody, and evidence preservation to include disk, file, memory, and network capture, imaging and analysis Experience with packet analysis and usage of deep packet inspection toolsets Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK Matrix Working knowledge of Advanced Persistent Threats and cyber crime TTPs Strong working knowledge of EDR and SOAR solutions Strong experience with Splunk and Splunk Enterprise security and possess the ability to apply analytical techniques to large data sets Strong experience with Azure and AWS cloud infrastructure/security Strong usage of scripting languages for automation, such as Python, Powershell, Bash Experience with Security Operations A working understanding of mobile and container security #LI-Hybrid
Apply Here
For Remote Senior Threat Hunting Analyst roles, visit Remote Senior Threat Hunting Analyst Roles

********

BXTI – Network Security Analyst at The Blackstone Group LP

Location: New York

Blackstone is the world””s largest alternative asset manager. We seek to create positive economic impact and long-term value for our investors, the companies we invest in, and the communities in which we work. We do this by using extraordinary people and flexible capital to help companies solve problems. Our $915 billion in assets under management include investment vehicles focused on private equity, real estate, public debt and equity, infrastructure, life sciences, growth equity, opportunistic, non-investment grade credit, real assets and secondary funds, all on a global basis. Further information is available at #removed# . Follow @blackstone on LinkedIn , Twitter , and Instagram .

Blackstone Technology & Innovations

Blackstone Technology & Innovations (BXTi) is the technology team at the core of each of Blackstone””s businesses and new growth initiatives. Serving both internal and external clients, we work to build the next generation of systems that manage risk, create efficiency and improve transparency within the firm and across our broad community of investors and portfolio companies.

BXTi is nimble and entrepreneurial – our open, iterative design processes and rapid pace of development mean that everyone on the team has the opportunity to make an impact from day one. We are problem solvers who can take projects from idea to implementation. We believe in active mentoring and developing excellence. We collaborate to find the best answers for our customers and for Blackstone. We are critical to the firm maintaining its competitive edge.

Business Unit Overview:

Blackstone Technology & Innovations (BXTI) is the technology team at the core of each of Blackstone””s businesses and new growth initiatives. Serving both internal and external clients, we work to build the next generation of systems that manage risk, create efficiency and improve transparency within the firm and across our broad community of investors and portfolio companies.

BXTI is nimble and entrepreneurial – our open, iterative design processes and rapid pace of development mean that everyone on the team has the opportunity to make an impact from day one. We are problem solvers who can take projects from idea to implementation. We believe in active mentoring and developing excellence. We collaborate to find the best answers for our customers and for Blackstone. We are critical to the firm maintaining its competitive edge.

Job Title:

Network Security Analyst

Job Description:

The Network Security Analyst is an essential member of the global Network Security team. They will work closely with Network engineers and the outsourced COE team to ensure the safety, operation, reliability and security of Blackstone””s global network.

Responsibilities:
The Network Security Analyst provides operational support & analysis for a diverse set of security events. The Security Operations Analyst will be the first point of contact with users/ peers/ vendors and will determine the type & severity of incidents and recommend appropriate actions, including escalation to senior staff.
• Provide Level 1, 2, and 3 support for day to day network security incidents and tickets.
• Working with off-shore COE Team provide oversight of Global Security network 24/365
• Implement/ change/ remove security rules as needed across proxies, firewalls and web filtering devices as needed
• Manage network security policy administration on various network security products.
• Participate in security incident response through in-depth, technical (log, forensic, malware, packet, etc.) analysis
• Collect security incident metrics & data to enable reporting to senior management

Qualifications:
• 3+ years of hands-on technical experience in managing Network Security products like firewall, web proxies, DDoS mitigation solutions – knowledge of Palo Alto FW, AWS network security, and Zscaler strongly preferred
• Experience with cloud native architectures such as AWS or Azure a plus
• Possess an understanding of network protocols
• Experience using Splunk
• Have the desire to learn new technologies, share best practices, and contribute to a global infrastructure and security team
• An ability to create documentation and reporting
• Possess an understanding of security operations concepts

Have strong written and oral communication skills

The duties and responsibilities described here are not exhaustive and additional assignments, duties, or responsibilities may be required of this position. Assignments, duties, and responsibilities may be changed at any time, with or without notice, by Blackstone in its sole discretion.

Blackstone is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, sex, pregnancy, national origin, ancestry, citizenship status, age, marital or partnership status, sexual orientation, gender identity or expression, disability, genetic predisposition, veteran or military status, status as a victim of domestic violence, a sex offense or stalking, or any other class or status in accordance with applicable federal, state and local laws. This policy applies to all terms and conditions of employment, including but not limited to hiring, placement, promotion, termination, transfer, leave of absence, compensation, and training. All Blackstone employees, including but not limited to recruiting personnel and hiring managers, are required to abide by this policy.

If you need a reasonable accommodation to complete your application, please contact Human Resources at 212-583-5000 (US), +44 (0)20 7451 4000 (EMEA) or +852 3656 8600 (APAC).

Depending on the position, you may be required to obtain certain securities licenses if you are in a client facing role and/or if you are engaged in the following:
• Attending client meetings where you are discussing Blackstone products and/or and client questions;
• Marketing Blackstone funds to new or existing clients;
• Supervising or training securities licensed employees;
• Structuring or creating Blackstone funds/products; and
• Advising on marketing plans prepared by a sales team or developing and/or contributing information for marketing materials.

Note: The above list is not the exhaustive list of activities requiring securities licenses and there may be roles that require review on a case-by-case basis. Please speak with your Blackstone Recruiting contact with any questions.

To submit your application please complete the form below. Fields marked with a red asterisk * must be completed to be considered for employment (although some can be answered “prefer not to say”). Failure to provide this information may compromise the follow-up of your application. When you have finished click Submit at the bottom of this form. – provided by Dice
Apply Here
For Remote BXTI – Network Security Analyst roles, visit Remote BXTI – Network Security Analyst Roles

********

Information Security Technical Senior Analyst – AVP at 00002 Citibank, N.A.

Location: New York

About Citi:

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

The Technical Information Security Officer will work with their peers, application managers, and system development teams to ensure security requirements are met and technology risks are addressed throughout each phase of the software development life cycle and proactively provide solutions to correct exposures or mitigate risk.Working with other security and technology teams they will maintain and interpret security standards, procedures, and guidelines for multiple platforms in diverse and agile environments in designing solutions, recommending enhancements or defining mitigating controls to existing applications and systems used by Citi workers and our customers.

Responsibilities:
• Perform periodic security reviews on assigned applications according to Security Policy and Practices established by Citigroup to ensure all requirements are met.
• Be the primary security officer responsible for providing security development and testing requirements to the project teams on multiple, simultaneous, agile and waterfall projects.
• Work withmultiple teams to develop processes and procedures to ensure information security policies and standards are integrated with the organization’s applications.
• Define secure application configurations leveraging technical knowledge and problem solving skills in accordance with Citi’s secure SDLC process.
• Promote awareness of current policies and standards, as well as revisions and developments; provide consistent interpretation of policy to technology teams and business personnel.
• Interfaces with the business where technical IS solutions are required and advises on the impact to the bottom line while satisfying business objectives.
• Respond to internal and external audits of security procedures and application security configurations.
• Establish and maintain relationships with domain architects, project managers, and others within the technology development unit.
• Manage risk by analyzing the root cause of security issues, impact to technology, and required corrective actions leveraging advanced analytical skills.
• Schedule, host, and drive meetings with multiple levels of technology management, from individual contributors to senior management; requires strong communication, influence, and diplomacy skills to ensure that secure development procedures are addressed.
• Ability to periodically work across different time zones and areas globally in an international environment.

Qualifications:
• 3+ years of relevant experience
• Experience with interpretation and application of IS Policy and Standards.
• A good understanding of application security, development processes, and testing.
• Experience working under minimal supervision from management with a strong commitment to team participation.
• Leadership skills and ability to work with and influence developers, development managers, project managers, technology peers, and business contacts are required.
• Strong risk analytics and problem solving skills.
• Organizational skills.
• Strong verbal and written communication skills.
• Familiarity with industry IS standards and frameworks such as OWASP top 10.
• CISSP, CSSLP, CCSP or equivalent security certifications (preferred or will obtain)

Education:
• Bachelor’s degree/University degree or equivalent experience

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

————————————————-

Job Family Group:
Technology

————————————————-

Job Family:
Information Security

——————————————————

Time Type:
Full time

——————————————————

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries (“Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the “EEO is the Law” poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

—————————–

Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.
Apply Here
For Remote Information Security Technical Senior Analyst – AVP roles, visit Remote Information Security Technical Senior Analyst – AVP Roles

********

Cybersecurity Engineer, Cloud Security at YOH Services LLC

Location: New York

Cybersecurity Engineer, Cloud Security (DevSecOps)

Category:

Cybersecurity

Employment Type: Direct Hire

Reference:

BH-347725

Job Description

The Company’s Cyber Security Engineering Team engineers, builds and owns a broad variety of cutting-edge security controls and technologies that generally fall within the domains of Network, Endpoint and Data Security and are deployed within Private and Public Cloud environments. The Team is also responsible for the operational efficiency and resiliency of the said controls and technologies and designs corresponding operational processes to be performed by its partner, the Cyber Defense Center Operations Team.

The Team assesses and prioritizes the modern cyber-attack vectors and partners with other cyber security and infrastructure teams in the company to engineer effective cyber security protective controls, ensure efficient and non-disrupting operations of the controls, and build new and enhance existing Cyber Defense Center’s Monitoring and Response Use Cases with a goal to provide the Organization with the maximum level of protection and create robust countermeasures to prevent future cyber security incidents.
Team members aid in investigations of suspicious activity on the infrastructure, troubleshoot application performance issues, and train and mentor the members of the Cyber Defense Services Team to ensure efficient 24×7 production support for the owned technology. The Team also builds automation workflows, following DevOps methodology, for proactive remediation of service deficiencies and enables self-service capabilities for the owned technology, to be consumed by the internal customers.
Reporting to the Head of Cyber Security Engineering Services, the position will be responsible for the continuous improvement of resiliency and efficiency and broadening the capabilities of the Cloud Security controls that protect the Company’s infrastructure. The individual will be challenged by working across a heterogeneous technology stack, delivering on key projects and responding to escalated operational issues.
We Seek
A self-starter who is fueled by collaboration, able to transform conceptual thinking into executable insights and who thrives in partnering across the company with security, network, compute and storage engineering and operations teams and provide outstanding service to our internal business and technology customers.
• Intellectual curiosity and proven record of spotting anomalies and identifying creative solutions to resolve deficiencies and optimize performance
• Strong analytical skills, particularly in assessing the risk and impact of sub-optimal control implementations and creativity in addressing and mitigating new threat and attack vectors
• 4+ years of experience with and a solid knowledge of implementing and operating Cloud Security controls in (one or more) domains of Network, Endpoint, Data and Identity Security
• Proven ability to understand, interpret, and correlate the data produced by various event log sources — network security devices, operating systems, web servers, Public Cloud IaaS, endpoint security controls, etc.
• Understanding of CI/CD pipeline components and the integrations with various security controls; knowledge of GIT
• Experience with network and perimeter security technology, including next-generation firewalls, intrusion prevention systems, proxies, web application firewalls, site-to-site and remote access VPN, network DLP, and data encryption in transit
• Understanding of TCP/IP protocol stack, including routing, network address translation, TCP/UDP connectivity, application-level protocols (HTTP, SMTP, DNS, etc.)
• Familiarity with remote administration of (one or more) Microsoft Windows, Linux and MacOS systems
• Ability to further develop DevSecOps skillset to implement various security controls, define infrastructure as code, deploy cloud-based security services
• Understanding of various authentication methods, based on Microsoft Active Directory
• Working knowledge of (at least one) modern scripting language (Python, Perl, PowerShell, etc.)
• Strong communication and documentation skills, with ability to develop and deliver standard operating procedures, workflow and decision tree diagrams, and training materials to internal customers
• Excellent organizational skills, detail-oriented, strong on workflow process; ability to manage and follow up on multiple competing priorities effectively; familiarity with Agile work planning methodology
• Customer-focused demeanor; excellent interpersonal skills and a sense of humor
• Desire and passion to learn and grow in the field of Cyber Security
• Bachelor’s degree in Information Technology or any STEM discipline; Master’s degree is beneficial
• Developer-level knowledge of some of the following technologies: Terraform, Jenkins, Puppet, Ansible, Splunk Phantom, Active Directory Group Policy; experience in utilizing vendor APIs from an own code
• Recognized Security Industry and Public Cloud IaaS certifications (AWS, Azure, GCP)
• Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.)
• Familiarity with ITIL; experience with incident, problem, change, and risk management
• Design, implement and operationalize, through configuration-as-code, various cutting-edge security technologies on-premises and in the Cloud
• Partner with other technology teams to enhance the Company’s CI/CD pipeline with additional security controls and to broaden Cybersecurity self-service offerings for internal customers
• Maintain the existing portfolio of the Company’s Cloud Security controls and functions
• Resolve escalated service issues and coach other engineers on troubleshooting efforts; partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards
• Partner with Cyber Defense Center on improving existing and building new Monitoring and Response Use Cases to reliably identify and remediate anomalous activity
• Enhance existing and develop new processes, procedures, and baselines with respect to cyber security and the use and operation of information systems
• Perform risk and compliance self-assessments; identify, document, and plan for remediation of risks and other deficiencies in security controls
• Support internal and external audit and compliance reviews, gather requirements and evidence, and provide timely responses
• Drive initiatives to grow the cyber security mindset and best practices across the Company, with an emphasis on gaining measurable results
• This is a hybrid role based in either New York NY, NJ, Bethlehem PA, or Stamford CT location with work from home flexibility.
• Up to 10% travel within US

Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Visit
to contact us if you are an individual with a disability and require accommodation in the application process.

Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer, M/F/D/V.
Apply Here
For Remote Cybersecurity Engineer, Cloud Security roles, visit Remote Cybersecurity Engineer, Cloud Security Roles

********

The Tech Career Guru
We will be happy to hear your thoughts

Leave a reply

Tech Jobs Here
Logo