Hybrid work environment!
Ability to choose the days that you work from home
Our client, a Philadelphia-based law firm, is seeking to grow their team! They are hiring an experienced Cyber Security Engineer! This is a DIRECT HIRE role and Hybrid ONSITE in the Center City, Philadelphia HQ.
During an initial probationary period, this person will need to work 3 days onsite. After the first 90 days, the onsite frequency will reduce to 2 days per week. Onsite days are flexible and the candidate can select which days they prefer to work onsite.
The Cyber Security Engineer is responsible for ensuring our client’s data and systems are protected from all cyber threats, which includes working to capture, define, architect, design, develop, integrate, test and deliver security services to our Firm. The Cyber Security Engineer will be senior on the team and provide security best practices to other less senior team members.
- Review assessment results for vulnerabilities, gaps and control deficiencies; establish documented plans for a sustainable remediation. Work with various IT teams to ensure controls and remediation is implemented.
- Work closely with the Project Manager and Application/System owners to validate the security controls factored into all projects.
- Oversee third party managed security providers who perform comprehensive network and system security monitoring.
- Develop, execute and track the performance of security measures to protect information and network infrastructure and computer systems. Prepare status reports on security matters to develop security risk analysis scenarios and response procedures
- Design, implement and update data security strategies based on best practices and engineer comprehensive cybersecurity architecture.
- Educate and train staff on information system security best practices.
- Validate effectiveness of current security controls, identify potential gaps and their impact. Translate that analysis into a risk assessment within the established cyber security framework.
- Ensure the firm meets its security compliance requirements through monthly, quarterly, and annual scheduled security related testing conducted by IT Staff.
- Assist in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines).
- Oversee client security audits to ensure they are completed in a timely and accurate fashion.
- Other duties as assigned
- Work in a hybrid environment with work from home and regular in office attendance.
- Perform endpoint security monitoring, security event triage, and incident response.
EDUCATION AND EXPERIENCE:
- 3+ years of IT networking or security industry experience in an engineering role
- Experience with formulating proper responses to Cyber Risk Assessments, Compliance and Audits
- Excellent verbal and written communication skills
- Excellent interpersonal skills: respectful and team-oriented, customer-focused, receptive to feedback and embracing continuous improvement
- Excellent organizational skills and attention to detail with ability to provide clear and concise written documentation and analysis
- Excellent time management skills with a proven ability to meet deadlines
- Strong analytical and problem-solving skills
- Excellent communication, presentation and public speaking skills
- Strong work ethic: strong sense of ownership of personal and team work, doing what is needed without being asked and following through
- Ability to function well in a high-paced and at times stressful environment
- Proficient with Microsoft Office Suite
- 3+ Years Proven Experience as an Information Security Engineer, or similar position
- Understanding of Firewalls, Networking, Microsoft environments, MFA, IDS/IPS, DLP and other Information Security Tools
- BS/BA In Cyber Security, Computer Science, Engineering, or Relevant Field preferred
- Security Certifications preferred (e.g. SSCP / CISSP or CISM)