Security Engineer

Our client, located Philadelphia, is looking for a Security Network Engineer to join their team as a permanent team member. This role is responsible for Daily Security Alert Monitoring and Reporting, SOC, Security Information and Event Management (SIEM), Annual Risk Assessment Assistance, Quarterly Logical Access Reviews, Audit Response Assistance, Security Policy maintenance and mentoring other security team members.

• Perform Daily SOC dashboard maintenance and automation o Daily Security Alert and Log Monitoring (Central Log, Virus, IPS, DLP, Web Content, Secure Email, and Active Directory Changes).

• Utilize FIRM ’s InfoSec governance risk & compliance platform to manage quarterly vulnerability reporting and remediation activities and partner with IS team to ensure security patching stays on target
• Assist with Evaluation and suggest improvements to FIRM ’s SOC and Automation systems o Periodic 3rd Party Security Risk Reviews and Reporting o Data collection to support external and internal auditors o Evaluation and suggest improvements to FIRM ’s Security Information and Event Management (SIEM) Solution o Documentation of Security Incidents as a part of the CSIRT Team o Information security policy review to ensure all policies meet annual review guidelines and when required, create new policies to address gaps and new regulations
• Maintain knowledge of the latest NCUA and GLBA financial institution regulations
• FIRM departments and functions and effectively interface with staff at all levels o Working with the SVP IT to determine departmental priorities o When appropriate engaging outside contractors with proper technical expertise o Ensuring timely completion of projects and deployments o Mentor entry level security staff to build a reliable and solid infrastructure and team.

• In depth working knowledge of a variety of network perimeter security technologies including: Firewalls (Cisco NGFW and Palo Alto) o Web Filter (ForcePoint) o Intrusion Detection/ Protection Systems o DLP
• Network Based Data Loss Prevention o Vulnerability Scanners (Nessus) o Zero Day technologies (FireEye/Trellix) o Endpoint technologies (AMP and Microsoft Defender) o Email security technologies
• Working knowledge of Security Risk Assessment Methodology, Vulnerability Analysis and strong knowledge of SIEM technology
• Project management, troubleshooting and analytical skills JOB REQUIREMENTS:
• Bachelor's Degree or equivalent related experience
• 5 + years of hands on information security engineering and administration experience
• Demonstrated technical knowledge of perimeter security devices and configuration
• Ability to assess problems and situations possesses analytic ability and good judgment
• Demonstrate effective business communication and technical writing skills
• Worked with third party service provider
• Ability to handle multiple projects at the same time
• Monitor and maintain security appliances to insure the integrity of all systems from both internal and external entities.
• Proactively monitor security’s performance and utilization and provide recommendations for improvement, upgrades, and expansion.
• Accurately document current and future security configuration and changes following FIRM ’s