Hi, Hope you are doing great, We have an immediate opportunity for Senior Information Security Engineer at NYC, NY. Below is the job description and if you’d like to pursue this, please include a word copy of your latest resume along with a daytime phone number and rate in your response.
*Send profiles to [email protected] <[email protected]>* *Job Title: Senior Information Security Engineer* *Location: NYC, NY - Locals Needed* *F2F/In-Person Interview Required* *Position Summary: * The Senior Information Security Engineer, reporting to the Senior Director, Information Security is responsible for supporting the execution of the Information Security program. In particular, this role will focus on driving the design, implementation, and maintenance of security technology and program functions for the connected vehicle and infotainment products and service offerings of . This position is a hands-on information security position responsible for working with members of the business and IT departments to identify, prioritize, and reduce information security risks in a cost- effective way. In addition to assuring the proper level of focus and controls exist in the right areas, the position will also provide support for vulnerability scanning/detection, penetration testing, security monitoring, and incident response activities. The position investigates security incidents reported to the Information Security and Compliance Department. *Duties and Responsibilities: * - Serves as information security subject matter expert for client, connected vehicle services, streaming and infrastructure systems and network security. - Responsible for supporting the information security program and performance of relevant information security engineering and testing activities for the radio, connected vehicle services, streaming and infrastructure services of - Collaborates with business owners, product/systems engineers, and operational personnel to understand business priorities and goals, company culture, and processes to identify information security risks; works with teams to recommend and help implement solutions and/or mitigating controls - Provides technical design, documented guidelines and implementation support of security controls for servers, workstations, network devices, multi-function devices, mobile computing platforms, and applications - Performs security assessments and technical testing of information systems infrastructure and applications, including internal, external, and partner facing systems - Identifies singular and compound vulnerabilities across operating systems, databases, network infrastructure, and applications - Performs reconnaissance activities to identify potential security weaknesses or information that could be leveraged against and do further harm to information assets Appropriately classifies findings in terms of severity and in light of exploitability, actively circulating threats, and mitigating controls - Maintains risk based test/evaluation schedule and coordinates production and potentially invasive testing through the change control board - Actively tracks vulnerability findings and status of remediation, driving toward resolution - Validates the continued and proper placement, operation, and tuning of security instrumentation, including vulnerability scanners, intrusion detection sensors, DLP, security log monitoring/correlation tools, file integrity monitoring solutions, and other security relevant controls by monitoring the IT security operations groups and their activities - Expedites neutralization of threats that pose immediate danger to the confidentiality, integrity, and availability of information assets - Evolves and adapts incident response and handling procedures commensurate with changing threat landscape and business needs - Provides routine status and metrics for information security to the Senior Director of Information Security - May perform daily and alert based monitoring of information security events and initiate response procedures in accordance with established processes - May perform routine and ad-hoc information security vulnerability scanning and testing to identify risks to information assets; escalate and expedite resolution/mitigation of vulnerabilities deemed high/critical severity - Helps raise awareness of information security in the company and provide holistic guidance on information security - Supports PCI/PII and other regulatory related activities and remediation Thanks and Regards, Syed Layeeq New York Technology Partners – Rochester 332 Jefferson Rd. Rochester, NY 14623 201 680 0200 Ext: 7027 [email protected] www.nytp.com Yahoo&Gtalk: Syedstaffing -- You received this message because you are subscribed to the Google Groups "US_IT.Groups" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/us_itgroups. For more options, visit https://groups.google.com/d/optout.
