Job Overview Our client in New York City has an excellent opportunity for a Principal Security Engineer! Responsibilities: Collaborate with engineers to develop secure services. Audit source code for security vulnerabilities. Develop/implement automated systems to help spot known security exposures. Consult on discovered security flaws, how to exploit them, and how to remediate flaws. Conduct threat mapping with respect to competitors, state-sponsors and hacktivists. Conduct intelligence gathering including digital, social and physical aspects. Conduct attack simulation exercises on a periodic basis. Continuous assessment around effectiveness of defense response. Demonstrate use of information and access by adversaries to stakeholders. Ensure adherence to appropriate standards, best practices workplace policies and procedures. Work effectively as a team member, providing hands on support, maintaining communication and updating senior staff on progress. Participate in Incident Response procedures if/when required. Requirements: Strong understanding of the intelligence lifecycle and models including Cyber Kill Chain and MITRE ATT&CK framework. Experience in cyber threat landscape, TTPs, threat actors and groups. Experience in threat actor and threat group profiling. Exposure and understanding of open source intelligence OSINT. Exposure and understanding of cyber threats in the financial sector. Exposure and understanding of underground criminal communities and dark web. Technical knowhow of malware reverse engineering. Visibility and presence in the threat intelligence community. Experience with SIEM technologies, threat hunting, monitoring and investigations. Excellent analytic and writing capabilities. Mentor and guide security analysts in cyber threat intelligence skills. Ability to work with minimum guidance. Liaise with stakeholders and seek requirement clarification. Exposure to Unix/Linux environments with knowledge of commands & basic shell scripting will be an added advantage. 7-11 years relevant experience, successfully delivering in an Enterprise environment. Bachelor / Master’s of Engineering in Computer Science / Information Security / Cyber Security Network and security and tools, including IDS/IPS, NAC, DLP, VPN, firewall management and audit, endpoint, anti-malware, database audit and monitoring. Strong experience with secure architecture design. Security expertise in one or more of: Python, Bash, C, C++, cryptography, reverse engineering, wireless networks, common web vulnerabilities (SQLi, XSS, CSRF), exploit development. Security applications utilized for logging, packet capture, email, directory services, web, authentication, remote access, and encryption. Database audit / security background is a strong plus. Cloud security deployment and controls. IT security technologies, policies, and procedures. Flexible to work in different time-zones, based on Business requirements. Conduct training and mentoring of team members. Job Detail Shortlist Apply Now Apply with Linkedin Never pay anyone for job application test or interview. Related Jobs (10) SCADA Administrator Full Time PI Historian Administrator Full Time Digital Production Specialist Full Time Java Technical Lead Full Time MDMS (Meter Data Management System) Specialist Full Time PC / Helpdesk Specialist Full Time Cyber Security Engineer Full Time LAN / WAN Systems Engineer Full Time VB.Net / NAIC Sr. Programmer Analyst Full Time EDI Programmer / Manager Full Time Contact You accepts our Terms and Conditions
