Implement company’s Information Security vision and strategy for the firm.
Build and maintain firm information security systems and applications.
Collaborate with technology teams to drive implementation of security controls and compliance requirements across the firm.
Influence automation and budding technologies to strengthen a small team’s capabilities.
Respond to information security incidents and execute the firm’s incident response plan.
Promote a “secure culture” within technology and across the firm.
Tactical / Hands-On Responsibilities:
Manage security technology platforms, including anti-virus software, endpoint protection and response tools, email security tools, data loss prevention platforms, public cloud and SaaS security platforms, and security monitoring tools.
Develop custom solutions, as needed, to address company’s specific security risks.
Act as a consultant within the organization to provide guidance on technical security best practices.
Create and maintain accurate documentation on the firm’s information security policies and procedures.
Keep current on information security threat intelligence and industry news to determine company’s best approach for dealing with new trends.
Bachelor’s degree in Information Security, Systems Engineering, Networking, Computer Science, or a correlated major.
No less than five years information security background.
Experience managing email security platforms.
Experience hardening traditional IT environments (Windows operating systems, Active Directory, etc.) and public cloud environments (AWS, Azure).
Experience deploying and managing a variety of security tools, including anti-virus software, endpoint protection platforms, email security platforms, and cloud security platforms.
Experience responding to security alerts/incidents and performing investigations.
Strong understanding of basic information security concepts and best practices.
Ability to communicate technical and security concepts to non-technical stakeholders.
Strong understanding of networking and systems administration.
Knowledge of financial services industry best practices and regulations related to information security (GDPR, SEC Regulations, CCPA, etc.)
Information Security certifications (CISSP, CEH, Security+, OSCP, SANS, etc.)
Note: Qualified candidates will be contacted within 2 business days of application. If an applicant does not meet the above criteria, we will keep your resume on file for future opportunities and may contact you for further discussion.