Security Architect
Security Architect Job 279 miles from Plattsburgh
Empower Every New Yorker - Without Exception - to Live the Healthiest Life Possible
NYC Health + Hospitals is the largest public health care system in the United States. We provide essential outpatient, inpatient and home-based services to more than one million New Yorkers every year across the city's five boroughs. Our large health system consists of ambulatory centers, acute care centers, post-acute care/long-term care, rehabilitation programs, Home Care, and Correctional Health Services. Our diverse workforce is uniquely focused on empowering New Yorkers, without exception, to live the healthiest life possible.
At NYC Health + Hospitals, our mission is to deliver high quality care health services, without exception. Every employee takes a person-centered approach that exemplifies the ICARE values (Integrity, Compassion, Accountability, Respect, and Excellence) through empathic communication and partnerships between all persons.
Job Description
The
EITS Security Architect
will interface between the CISO's strategic and process-based activities and the work of the technology-focused analysts, engineers and administrators in the IT organization. The EITS Security Architect must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. The EITS Security Architect coordinates the IT organization's technical activities to implement and manage security.
The EITS Security Architect is part of the Enterprise Information Technology Services, Information Security and Risk Management team and will work at an enterprise level to ensure a consistent delivery of information security and risk management services. This individual will act as a subject matter expert to the assigned business units on matters regarding information security and compliance with HIPAA, Joint Commission, DSRIP, COBIT, and state privacy laws
Duties & Responsibilities
Lead and coach on the definition of security architecture, including the development and implementation of effective security administration processes for all platforms
Actively engage in security architecture solutioning within key pre-implementation systems
Identify and implement emerging data access control technologies, information systems security issues, safeguards, and techniques
Perform security reviews and identify security gaps in security architecture, resulting in recommendations for inclusion into the risk mitigation strategy
Provide Security Architecture guidance to Senior EITS Management within NYC Health + Hospitals and engage with multiple cross functional teams
Conduct application vulnerability scans, recognize vulnerabilities in security systems, and design countermeasures to identified security risks
Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements
Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements
Keep informed on current threats and industry regulations
Assist in identification of emerging security technologies that can maintain or improve H+H's security posture, and implement them as and when required
Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements
Attend regular team, management, and project meetings and provide both verbal and written reports to the Leadership Team as required. This may include coordination with and support of an Operational Risk Committee.
Facilitate team meetings between stakeholders, project leaders, and the Information Technology teams.
Minimum Qualifications
1.
A Baccalaureate Degree from an accredited college or university with a major in Computer Science, Systems Engineering, applied Mathematics, Business Administration, Economics/Statistics, Telecommunications, Data Communications, or a related field of study; and
2. Five (5) years of progressive, responsible experience in the field of data processing, computer systems and applications.
Operations Specialty requires supervisory experience (5 years).
Network Services requires a telecommunications background and experience.
3. Broad knowledge and expertise in the characteristics of computers, peripheral devices, communications systems and hardware capabilities, programming languages, E.D.P. applications, systems analysis methodology, data management and retrieval techniques;
or
4. A satisfactory equivalent combination of training, education and experience.
Department Preferences
CISSP, CISM, GSEC, CEH, or other relevant security qualification
Strong Knowledge of infrastructure, application and security protocols in addition to configuration management techniques and risk management/compliance/audit standards
Strong knowledge of cloud (AWS, Google Workspace, GCP, Azure, O365 etc).
Knowledge of network security architecture concepts, including topology, protocols, components, principles (e.g. application of defense-in-depth), and traffic flows across the network (e.g. TCP & TCP/IP, OSI, etc.)
Knowledge of encryption algorithms
Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins
Experience working with network access, identity, and access management (e.g. Active Senior Management Consultancy, access federation, multifactor authentication, PKI)
Experience working with operating systems (Microsoft Windows, Linux, UNIX, MacOS X)
Knowledge of security management and secure configuration management techniques
Knowledge of software engineering
Skill in assessing the robustness of security systems and designs and determining how it should work (including its resilience and dependability capabilities)
Knowledge of IT supply chain security/risk management policies, requirements, and procedures
Working knowledge of HIPAA/HITECH, NIST CSF, ISO27001/27002 and PCI-DSS Standards and Requirements A strong understanding of the business impact of security tools, technologies and policies.
Must possess a high degree of integrity and trust along with the ability to work independently
Participate in special projects as needed and perform other duties as assigned
Must be able to work independently as well as work as part of a fast moving team
Must be able to work at various locations when necessary along with working various shifts
Detail oriented, organized, methodical, follow up skills with an analytical thought process
Ability to learn new technologies
NYC Health and Hospitals offers a competitive benefits package that includes:
Comprehensive Health Benefits for employees hired to work 20+ hrs. per week
Retirement Savings and Pension Plans
Loan Forgiveness Programs for eligible employees
Paid Holidays and Vacation in accordance with employees' Collectively bargained contracts
College tuition discounts and professional development opportunities
Multiple employee discounts programs
Note: Candidates selected for a position are required to come to NYC as part of their onboarding.
Cloud Security Engineer
Security Architect Job 279 miles from Plattsburgh
VP Senior Cloud Security Engineer | Manhattan | Up to $250,000 ************
🌟 Are you a Senior Network Security Engineer looking for your next challenge?
🌟 Do you want to have a passion for Cloud environments?
🌟 Are you looking to work for a Leading Financial firm?
Look no further!
✋
We are looking for a Senior Cloud Security Engineer to join a dynamic team for a prestigious Financial Services Firm! You will be working in a fast-paced, detail-orientated environment, with a team of talented individuals.
Responsibilities
You will manage and securing the network infrastructure.
You will design, implement, and manage Fortinet firewall solutions to protect the infrastructure.
You will develop and implement Azure networking solutions, involving Virtual Networks, Network Security Groups, Load balancers and VPN gateways.
Key Requirements
You must have hands on experience with Azure networking services and security best practices.
You must have professional certifications such as CCNP Security or Fortinet NSE, Azure Solutions Architect.
You will need an understanding of network protocols, firewalls, VPNs, IDS/IPS.
You must have a proven ability to design and implement network architectures in cloud environments.
Experience with Python, Terraform, Ansible is preferred..
What you will receive
Great work/life balance
Clear career progression path
401k Plan + Benefits
Opportunity to work in a growing environment
The company are looking to begin conversations and interviews from this week, to secure an interview slot, send in an application, send me over a message or send your resume into the details b
elow!
📩 ************************
Sr. Security Engineer - Red Team
Security Architect Job 279 miles from Plattsburgh
About the Company:
A Leading Financial Service Client is looking to hire a strong Security Engineer who can lead Red team exercises against a hybrid environment using threat intelligence and the MITRE Telecommunication&CK Framework.
Responsibilities:
Approx 8 years' experience with industry standard Red Team testing tools (Cobalt Strike, Mythic C2, Rubeus, Bloodhound, Covenant, etc.) or the ability to demonstrate equivalent knowledge.
Expert understanding of how an Advanced Persistent Threat could compromise a financial institution without using phishing.
Expert understanding of Red Team concepts, tools, and automation strategies.
Expert understanding of MITRE Telecommunication&CK framework tactics, techniques, and procedures.
Expert understanding of measuring and rating vulnerabilities based on principal characteristics of a vulnerability.
Expert understanding of Windows and Linux system hardening concepts and techniques.
Senior Security Engineer
Security Architect Job 279 miles from Plattsburgh
*****NO C2C OR THIRD PARTY INQUIRIES*****
Senior Security Engineer
Top skills/tools, etc. that are MUST haves:
Core security with experience deploying / upgrading and migrating Palo Alto firewalls
Consultative and team player
High level of experience with Panorama and log collectors
Palo Alto Next Generation Firewalls
Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products
Job Description
You will provide guidance and technical support to clients deploying our security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success.
Work full-time at the customer site in a Hybrid rotation
Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate
Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution
Configure, implement, and maintain Security Operating Platform
Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall
Test and validate the migration environment
Coordinate and execute cutover to production
Provide guidance on code upgrades
Facilitate the development of new application and threat signatures
Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases
Some travel may be required, dependent on customer request
You work with the customer's security & network teams to build confidence across the business units impacted by the change to Palo Alto Networks
Nice to haves:
BS in Computer Science, MIS, business, or equivalent education/training/experience
Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching)
Minimum of 3 years' experience leading security solutions in large environments)
You're experienced in internetworking, LAN, and WAN technologies
You have a good understanding of Internet protocols and applications
You effectively handle multiple projects and work calmly in high pressure
You're an excellent writer, with strong verbal communication skills, with demonstrable ability to communicate to senior leaders and technical peers
Sr. Information Security Analyst
Security Architect Job 279 miles from Plattsburgh
Senior Information Security Analyst
Must have Banking Experience
As a Senior Information Security Analyst, you will serve as a key risk manager responsible for identifying, assessing, and escalating security risks. You will collaborate closely with the Security and IT Infrastructure teams to support various security administration tasks and initiatives, ensuring the organization's infrastructure and data remain protected.
Key Responsibilities:
Develop and maintain comprehensive security manuals.
Oversee daily monitoring of Data Loss Prevention tools such as Trellix EPO and TMS.
Use Spirion to create and run scans for detecting files containing Personally Identifiable Information (PII) and ensure compliance with the data retention policy.
Manage Privileged Access Management (PAM) and generate reports.
Lead weekly IT meetings to discuss vulnerabilities, patches, and alarms triggered by security tools.
Stay updated on potential threats by monitoring sources like the Qualys Threat Protection Feed and CISA alerts, and ensure appropriate actions are taken to protect the network.
Collaborate with control owners to remediate identified deficiencies and track their progress.
Contribute to the enhancement of the Information Security program, focusing on increasing its maturity through strategy development and process improvements.
Support efforts in assessing, managing, and remediating information security risks related to IT infrastructure, applications, platforms, and suppliers, ensuring clear requirements and timelines are established.
Regularly report on remediation progress to the Chief Information Security Officer (CISO) or Chief Risk Officer (CRO).
Conduct vulnerability scans using Qualys and monitor for new and existing threats, collaborating with IT and users to address them.
Prepare and present daily, weekly, and monthly security reports to identify issues and ensure timely remediation.
Lead risk assessments, audits, governance efforts, and policy reporting, preferably in a financial institution context.
Assist in aligning security controls with organizational policies, procedures, and processes, and ensure their proper testing for adequate coverage.
Monitor system events daily to detect and respond to potential malicious activities.
Review and approve firewall rules using Tufin.
Analyze system events through the AlienVault SIEM and follow up on detected issues.
Monitor the network for malicious activity or exploitation using Tipping Point IPS.
Liaise with vendors for troubleshooting and maintaining security tools.
Qualifications:
5+ years of experience in managing information security governance, risk, and compliance.
Bachelor's degree in a relevant field.
Security certifications (e.g., CISSP, CISA, CISM, CEH) are advantageous but not mandatory.
Solid knowledge of security frameworks such as NIST, SOC2, ISO, FFIEC, and NYDFS-Part500.
Strong communication, presentation, and writing skills, with fluency in English.
Experience with Governance, Risk, and Compliance (GRC) tools like RSA Archer.
Proficient in Microsoft Office applications.
This role offers the opportunity to shape and elevate the organization's information security landscape, driving risk management and enhancing security processes.
Information Security Manager
Security Architect Job 268 miles from Plattsburgh
Summary: The Information Security Manager (“ISM”) is primarily responsible for assisting the Senior Information Security Manager (“SISM”) to fulfill Dime's security monitoring oversight functions in support of Dime's information security program. This includes operational and tactical responsibilities that ensure standard operating procedures are maintained within Dime's control environment to effectively protect Dime's information assets.
Salary commensurate with experience, ranging from $100,000 to $120,000 annually. The exact compensation may vary based on relevant experience, skills, education, training, licensure and certifications, and location.
All applicants must attach a recent resume. This is NOT a remote role. Dime does not provide relocation assistance or visa sponsorship (now or in the future).
Responsibilities:
Overall, the ISM's job is to work with Dime's IT and Risk Management departments and various business units to plan, coordinate and develop recommendations for all aspects of information security policies and procedures for Dime in order to:
Oversee that system monitoring activities of the IT NSOC (Network Security Operations Center), comply with Dime's information security policies.
Oversee log and entitlement reviews of critical systems to protect Dime's information assets from internal and external threats.
Oversee regular vulnerability testing/assessment, social engineering testing, and security evaluations are performed to evaluate the effectiveness of existing controls, including periodic penetration testing of critical information systems.
Use metrics to measure, monitor and report on effectiveness and efficiency of information security controls and compliance with information security policies, in order to support the annual information security risk assessment.
Assist in development, maintenance, and testing of policies, standards, processes, and procedures to assess, monitor, report, escalate and remediate information security risks and related compliance issues.
Work with Dime's business units, Internal Audit, vendors, and other systems professionals to ensure policies and procedures are being complied with and to develop recommendations for improvements, ensure that compliance issues and other variances are resolved in a timely manner, and actively apply innovative solutions to advance Dime's information security goals.
Participate and help coordinate the implementation and roll-out of Information Security systems and software within Dime to verify that Dime's systems are in compliance with Information Security Policies.
Qualifications:
Bachelor's degree from four-year college or university and minimum three years' related experience and/or training; or equivalent combination of education and experience.
Knowledge of banking operations and bank policy and procedure development.
Knowledge of financial services regulatory requirements (FFIEC, GLBA, NYSDFS), and industry standards (NIST, ISO 27001/2).
CISSP (or comparable certification) preferred or expected within one year of hire.
Hands-on experience with DLP Prevention tools such as enterprise security tools (i.e., SIEM, vulnerability scanners, firewalls)
Hands-on experience with enterprise DLP tools (i.e., Varonis, O365 Defender) desirable.
Experience with Palo Alto, FortiNet EDR, and Darktrace technologies desirable.
Proficiency with industry standard information security testing and evaluation techniques. Use of Vulnerability Management and Penetration testing tools, (e.g., Rapid 7, Nessus, NMAP, Kali Linux,) desirable.
Excellent oral and written communication skills.
Ability to work outside of normal business hours on occasion.
Superior knowledge of Microsoft Office and database management software.
Knowledge of computer programs, databases, and systems used in the banking/financial services sectors.
Dime is an Equal Opportunity Employer. We provide a full competitive benefits package.
Salesforce Commerce Cloud Architect
Security Architect Job 279 miles from Plattsburgh
STAND 8 provides end to end IT solutions to enterprise partners across the United States and with offices in Los Angeles, New York, New Jersey, Atlanta, and more including internationally in Mexico and India We are seeking a highly skilled Commerce Cloud Architect to join our team for an exciting and challenging opportunity. This remote contract role offers a chance to work with cutting-edge cloud technologies and drive innovative eCommerce solutions. As a Commerce Cloud Architect, you will play a vital role in designing, developing, and implementing cloud-based solutions for eCommerce platforms, ensuring scalability, performance, security, and seamless customer experiences.
Responsibilities
Solution Architecture: Design and implement end-to-end Commerce Cloud solutions aligned with business goals, technical requirements, and industry best practices.
Cloud Integration: Integrate third-party services, applications, and data sources with the Commerce Cloud platform for seamless system communication.
Scalability & Performance: Optimize architecture for high availability, scalability, and performance, especially during peak traffic periods.
Security & Compliance: Develop secure cloud architectures compliant with industry regulations and best practices.
Customization & Optimization: Lead customization efforts on the Commerce Cloud platform to meet business needs, enhancing user experience and operational efficiency.
Team Collaboration: Collaborate closely with product managers, business stakeholders, and development teams to ensure requirements are clearly understood and implemented.
Documentation: Maintain comprehensive documentation of architecture, processes, and best practices for Commerce Cloud solution development and deployment.
Troubleshooting & Support: Provide guidance and support for cloud-based systems to resolve any issues during the project lifecycle.
Continuous Improvement: Stay current with Commerce Cloud trends, tools, and technologies, suggesting improvements to enhance system performance and capabilities.
Qualifications
Experience: Minimum 5+ years in eCommerce architecture and solution design, with at least 3 years focused on cloud-based platforms, ideally Commerce Cloud (e.g., Salesforce Commerce Cloud, Adobe Commerce).
Technical Expertise: Strong understanding of cloud technologies and architecture with hands-on experience in cloud-based eCommerce solutions integration.
Commerce Cloud Knowledge: Proven expertise in platforms such as Salesforce Commerce Cloud (SFCC), Magento, Shopify Plus, or BigCommerce.
Cloud Infrastructure: Proficiency in cloud platforms (e.g., AWS, Azure, Google Cloud) and cloud-native tools.
API & Integration: Experience with API integration, microservices, and third-party tools within the eCommerce ecosystem.
Security & Compliance: Solid knowledge of cloud security principles, PCI compliance, and GDPR.
Programming & Development: Familiarity with JavaScript, Node.js, or similar technologies, and a strong understanding of web development frameworks and cloud-based software development.
Collaboration & Communication: Excellent communication skills, with the ability to work effectively in cross-functional teams.
Certifications: Cloud certifications (e.g., Salesforce Commerce Cloud, AWS Certified Solutions Architect) are a plus.
Preferred
Leadership Experience: Experience in leading teams, mentoring junior developers, or holding a lead architect role.
Agile Methodology: Familiarity with Agile development practices, including Scrum and Kanban.
Performance Tuning & Cost Optimization: Expertise in optimizing cloud costs and application performance within eCommerce environments.
Additional Details
The base range for this contract position is $90 - $100/per hour, depending on experience.
Our pay ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hires of this position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Qualified applicants with arrest or conviction records will be considered.
Benefits
Medical coverage and Health Savings Account (HSA) through Anthem
Dental/Vision/Various Ancillary coverages through Unum
401(k) retirement savings plan
Company-paid Employee Assistance Program (EAP)
Discount programs through ADP WorkforceNow
About Us
STAND 8 provides end-to-end IT solutions to enterprise partners across the United States and globally with offices in Los Angeles, Atlanta, New York, Mexico, Japan, India, and more. STAND 8 focuses on the "bleeding edge" of technology and leverages automation, process, marketing, and over fifteen years of success and growth to provide a world-class experience for our customers, partners, and employees.
Our mission is to impact the world positively by creating success through PEOPLE, PROCESS, and TECHNOLOGY.
Check out more at ************** and reach out today to explore opportunities to grow together
Security Engineer
Security Architect Job 279 miles from Plattsburgh
Intro
Almanax is looking for an engineer to join us in working on the forefront of blockchain security research and development. You will be coming on as an early employee, working alongside the CEO and CTO to develop the Almanax product, leveraging learning models to enable secure Web3 code.
Our ideal candidate
You have experience conducting smart contract audits and ensuring the security of blockchain applications as well as an understanding of Solidity security and the Ethereum Virtual Machine (EVM), including familiarity with Ethereum Yellow Paper
You're familiar with security vulnerabilities like reentrancy attacks, front-running, and integer overflows, and know how to prevent them.
You have strong communication skills with the ability to work closely with blockchain developers, cryptographers, and product teams. You're skilled at explaining technical concepts to non-technical stakeholders.
This role is based out of NYC (remote friendly) and we are looking for a teammate who shares and practices our values: transparency, open communication, ownership, and a high level of craftsmanship. This is a high growth role, and you can expect to have ownership over crucial parts of Almanax's product and direct involvement over decisions that impact the product roadmap.
What you'll achieve
Work directly with leading teams in the Web3 space to build more secure products
Architect research driven solutions, engage in proof-of-concept work for emerging crypto technologies and launch flagship products
Curate examples of safe and vulnerable smart contract code
Evaluate security findings for correctness and accuracy
Work on a day-to-day basis with Almanax founders
Influence product roadmap and company strategy
Help expand our team
What you'll bring
5+ years (flexible) of software development experience, with 2+ years of smart contract / web3 development.
Proficient understanding of decentralized technologies (dApps, DeFi), core blockchain principles, and consensus mechanisms like Proof of Stake (PoS, dPoS)
Experience coding in Solidity, Rust and Solana program library (SPL)
Interest and passion for making contributions to the crypto ecosystem
Excellent communication skills in a remote setting
Ability to conduct code reviews and provide constructive feedback to ensure codebase quality and maintainability
Familiarity with blockchain security best practices and ability to identify and address potential smart contract vulnerabilities
History or interest in hacking, cybersecurity, crypto/web3, or ML/AI
Nice to haves
Contribution to open source projects
Experience working in other smart contract languages: Move, Solidity, etc
Certifications or additional coursework in blockchain development or smart contract security
Perks
Time off, Bonus opportunities like education, referrals, and bug bounties
Insurance, company events, professional development
Stock options
Research-oriented team
Lunch provided in the office
Cyber Security Engineer
Security Architect Job 279 miles from Plattsburgh
Our client, a highly reputable and long-standing mid-size real estate investment trust, is hiring a full-time Infrastructure Cyber Security Engineer. This is a hybrid position (3x/week onsite) and based in Midtown Manhattan (NYC). The schedule will typically be M-W onsite, Th-Fri remote.
In order to be considered, you MUST be hands-on and technical. This is NOT an advisory role where you are writing policies, analyzing data, and simply responding to alerts. You will be in the systems building out secure infrastructure, work with both servers and networking, and much more. If you come from IT infrastructure and pivoted into Cyber Security, that would be a huge leg up.
You will be a point person for the firm's MSSP, meaning if there is an alert from them, you will be the back and forth between that investigation. You will need to make security decisions based on the infrastructure.
Reporting up to the Director of IT Infrastructure & Security, it is imperative that you also have strong communication skills to heavily interact with key high-level stakeholders, including up to the CIO.
General Overview:
You are responsible for safeguarding computer networks and systems against cyber threats. This includes designing, implementing, and maintaining security measures to prevent unauthorized access and attacks. You will oversee the management of the companies Incident response program.
Job Responsibilities:
Design and implement security controls for network, servers, storage, cloud, and virtualization platforms to protect against cybersecurity threats and exposed vectors
Configure and maintain security settings within Azure/M365 tenant to align firms requirements
Configure and maintain firewalls, IDS/IPS, VPNs
Implement network segmentation to isolate critical assets
Support, manage, and implement email security tools such as MS Defender Suite, Mimecast, and Qualys
Improve core functions of Incident Response including threat detection/prevention, security monitoring, digital forensics, vulnerability management, and more
Manage the MSSP and other Cyber Security vendors/projects
Ideal Requirements:
5-7+ years of Information Systems experience
5+ years of relevant information/cyber security experience (Operations or Engineering)
BS or MS Degree is preferred (although not required)
Full working knowledge of the entire Microsoft 365 Suite, including M365 Administration
Scripting and Automation experience (ideally using PowerShell)
At least 1 year of experience in PowerShell Modules for Exchange Online/On-Prem, SharePoint, Teams, OneDrive, Azure AD, AD, and Windows (Client/Server)
At least 1 year of experience with enterprise cyber security products such as Secure Email Gateway (Mimecast, Proofpoint, or Office365 Exchange)
Hands-on experience managing security infrastructure (i.e. firewalls, IDS/IPS, WAFs, endpoint protection, SIEM, log management technology, vulnerability management, email security)
Experience securing the deployment of applications and infrastructure into public cloud services
Preferences:
Full-stack knowledge of IT Infrastructure (i.e. applications, databases, Azure managed instances, Windows OS, Hypervisors, IP networks such as LAN/WAN, Containers/Kubernetes)
Networking experience in routing, switching, and/or firewalls (Cisco ASAs or Palo Altos welcome)
Direct experience designing IAM technologies and services (i.e. AD, LDAP, Okta, Ping, Azure AD)
Strong working knowledge of IT Service Management (i.e. ITIL-related disciplines such as change/configuration/asset/incident/problem management)
Lead Cyber Security Engineer
Security Architect Job 279 miles from Plattsburgh
We are a specialized technology staffing agency supporting professional and financial services companies. Why do we stand out in technology staffing? We listen and act as advisors for our candidates on how they can best add value, find interesting projects, and pave a path for career advancement. We advocate for best pay, diversity in tech, and best job-fit for every candidate we place.
Our client, an investment firm, is seeking an experienced Lead Cyber Security Engineer to join their team in New York, NY!
Responsibilities:
Collaborate with leadership to shape and grow the cyber defense team, fostering a culture of collaboration and continuous improvement.
Evaluate and optimize data sources that feed into the SOC. Create processes and metrics to assess and enhance the effectiveness of the program.
Lead the implementation and ongoing improvement of the SWORD automation platform, specifically within the Palo Alto Cortex X ecosystem.
Read and interpret technical documentation, and oversee the integration of various platforms to improve SOC functionalities.
Work closely with SWORD teams to design metrics for the SOC that leverage our SWORD platform, ensuring alignment with operational goals.
Establish and manage functions around the SOC technology stack to enhance operational efficiency and effectiveness.
Utilize Pentera and other tools to continuously test and assess SOC capabilities, ensuring readiness against potential threats.
Engage with detection teams (remote) and on-premises teams (desktop engineering, networking, and systems engineering) to ensure seamless operations and effective incident response.
Qualifications:
5-7+ years of experience in cybersecurity, with a focus on blue team operations.
Proven leadership skills, with a capacity to motivate and guide a team.
Experience with SOC processes, data source management, and performance metrics development.
Familiarity with SWORD automation platforms and Palo Alto Cortex X.
Strong analytical and problem-solving skills, with a focus on continuous improvement.
Excellent communication skills, both written and verbal.
Local candidates are preferred, but exceptional remote candidates may be considered for in-person meetings.
Cloud Architect
Security Architect Job 279 miles from Plattsburgh
Azure Cloud Architect
Fulltime Permanent
Roles Responsibilities
Provision Configure and troubleshoot components of cloud related to compute network storage and security.
Strong experience in implementing and managing Azure core services like VNet.
Storage Virtual machine Azure SQL IAM Traffic manager Autoscaling Azure Monitor VPN. Express Route.
Analyze network logs and create manage traffic rules for the network security groups and ACLs.
Monitor and manage network connectivity routing and fix any connectivity issues.
Provision of appropriate compute instance type and storage disk type for the workloads requested.
Build Images suitable for customer infra and provision VMs based on the design standards.
Manage lifecycle of all resources perform OnDemand requests includes deletion resize of VMs volumes management snapshot lifecycle management IP address, DNS management.
Create and manage Azure Storage objects ACLs versioning and lifecycle management.
Manage user access using IAM policies management and any other identity access integrated solutions.
Provision of resources using Resource Templets or terraform templates.
Monitoring using Azure Monitor and fixing the s generated.
Provide recommendations to customers based on performance security cost and capacity management.
Analyze security logs from diagnostic tools and provide root cause with permanent fix.
Demonstrate complete technical ownership of the cloud solutions being managed.
Work on multiple projects and operational activities both as a lead and team member
Maintain and troubleshoot services on Azure and provide proper resolutions for the incidents.
Involve in migrations and ensure that workloads are migrated without any issues.
Implement best practices by closely analyzing cloud services and recommend best possible solutions.
Solve complex business issues with established guidelines and recommend appropriate alternatives.
Participate in technical major incident resolutions preparation and review of RCA documents.
Perform new migrations consolidation provisioning and decommissioning projects by coordinating with different teams.
Ensure required documents are in place and review documentation periodically.
Analyze troubleshoot and remediate cloud solution issues in cooperation with 3rd party vendors.
Implement IaaS and PaaS solutions on Azure based on design guidelines.
Ensure necessary backups and health checks are performed for all services.
Perform deployment automation and configuration management.
Create and implement scripting automation of repeatable functions and tasks.
Recommend new solutions to the service delivery team for customer communication.
Participate in solution designs that are highly available secure and align with standard architectural and disaster recovery standards.
Provide guidance to customers related to operational implementation and tooling aspects of public cloud.
Participate in capacity reviews server storage etc and assist with requests to remediate capacity concerns.
Required Skills and Competencies:
Should have 6+ years of experience in IT infra and 3 years in public cloud like Azure.
Provision Configure Troubleshoot compute network storage and security related components.
Maintain and Troubleshoot HA and DR implementations on Azure.
Ability to select Azure features and design a production platform for new applications.
Performed deployed automation orchestration and configuration management using necessary tools.
Strong understanding of PaaS platform and microservice architecture.
An ability to undertake root cause analysis and provide permanent fixing for all business critical issues.
Should have been involved in migration of business critical workloads related to servers and database.
Can demonstrate an understanding of SLA governing System Availability and Performance.
Possesses an Understanding of Tools and Licensing Needs for Production Development and Testing.
Strong written and verbal communication skills.
Strong problem solving and analytical skills.
Salesforce Architect
Security Architect Job 279 miles from Plattsburgh
Ness is a full lifecycle digital engineering firm offering digital advisory through scaled engineering services. Combining our core competence in engineering with the latest in digital strategy and technology, we seamlessly manage Digital Transformation journeys from strategy through execution to help businesses thrive in the digital economy. As your tech partner, we help engineer your company's future with cloud and data. For more information, visit ************
Job Title: Salesforce Architect
Location: Hudson Yards, NY (Hybrid)
Ness is currently seeking a highly skilled Salesforce Financial Services Cloud Technical Lead to join our team. This individual will provide technical leadership and architectural guidance while collaborating closely with stakeholders, including project managers, developers, and business analysts. The candidate should possess extensive experience in design, estimation, planning, and development using Salesforce Financial Services Cloud within an Agile framework.
Key Responsibilities:
Provide technical leadership and architectural guidance for Salesforce Financial Services Cloud implementations.
Collaborate with project managers, developers, and business analysts to define project requirements and deliverables.
Design and develop solutions that leverage the Salesforce platform, particularly in sales, service, and marketing functions.
Guide the offshore development team, ensuring adherence to Salesforce best practices and coding standards.
Oversee the estimation and planning processes for Salesforce projects, ensuring accurate resource allocation and timelines.
Conduct reviews of the solution designs and implementations, ensuring they align with business objectives and stakeholder needs.
Stay current with Salesforce updates, features, and industry trends to provide informed recommendations to stakeholders.
Facilitate training and knowledge sharing sessions to enhance team members' understanding of Salesforce Financial Services Cloud.
Qualifications:
Proven experience in Salesforce development, with a focus on Financial Services Cloud.
Strong understanding of Salesforce architecture, configurations, and extensions.
Experience working in Agile methodologies and leading cross-functional teams.
Excellent communication and collaboration skills to engage with stakeholders at all levels.
Salesforce certifications (e.g., Salesforce Certified Technical Architect, Salesforce Certified Financial Services Cloud Consultant) are a plus.
Experience providing oversight to offshore teams and managing development pipelines.
Preferred Skills:
Proficiency in Salesforce Apex, Visualforce, Lightning components, and other development frameworks.
Familiarity with integration patterns and data management techniques within Salesforce.
Analytical mindset with strong problem-solving abilities.
Why Ness
We know that people are our greatest asset. Our staff's professionalism, innovation, teamwork, and dedication to excellence have helped us become one of the world's leading technology companies. It is these qualities that are vital to our continued success. As a Ness employee, you will be working on products and platforms for some of the most innovative software companies in the world.
We offer our employees exciting and challenging projects across a diverse range of industries, as well as the opportunity to collaborate with a group of forward-thinking, capable partners around the globe.
Workday Extend Architect
Security Architect Job 132 miles from Plattsburgh
What Working at Hexaware offers:
Hexaware is a dynamic and innovative IT organization committed to delivering cutting-edge solutions to our clients worldwide. We pride ourselves on fostering a collaborative and inclusive work environment where every team member is valued and empowered to succeed.
Hexaware provides access to a vast array of tools that enhance, revolutionize, and advance professional profile. We complete the circle with excellent growth opportunities, chances to collaborate with highly visible customers, chances to work alongside bright brains, and the perfect work-life balance.
With an ever-expanding portfolio of capabilities, we delve deep into and identify the source of our motivation. Although technology is at the core of our solutions, it is still the people and their passion that fuel Hexaware's commitment towards creating smiles.
“At Hexaware we encourage to challenge oneself to achieve full potential and propel growth. We trust and empower to disrupt the status quo and innovate for a better future. We encourage an open and inspiring culture that fosters learning and brings talented, passionate, and caring people together.”
We are always interested in, and want to support, the professional and personal you. We offer a wide array of programs to help expand skills and supercharge careers. We help discover passion-the driving force that makes one smile and innovate, create, and make a difference every day.
The Hexaware Advantage: Your Workplace Benefits
Excellent Health benefits with low-cost employee premium.
Wide range of voluntary benefits such as Legal, Identity theft and Critical Care Coverage
Unlimited training and upskilling opportunities through Udemy and Hexavarsity
Role: Workday Extend Architect
Location: Schenectady, New York
Experience: 7+ Years
Work Mode: Remote
Job Key Responsibilities:
Qualifications: -
Over 5 years of experience with Workday Integrations.
At least 2 years of experience in developing applications using Workday Extend (formerly Workday Cloud Platform).
Strong expertise in Workday HCM, Financials, or related Workday modules.
Proven experience in designing and implementing scalable cloud-based applications.
Deep understanding of Workday's APIs, data models, and security protocols.
Experience with web services, REST, and SOAP APIs.
Proficient in programming languages such as JavaScript, XSLT, or Workday-specific languages like Workday Studio and EIBs.
Exceptional problem-solving skills and ability to work under tight deadlines.
Excellent communication and collaboration skills, capable of interacting effectively with both technical and non-technical stakeholders.
Preferred Skills: -
Workday certification in Workday Extend or other relevant Workday certifications.
Familiarity with Agile or other software development methodologies.
Experience in client-facing consulting or technical advisory roles
Privacy Statement:
The information you provide will be used in accordance with the terms of our Privacy Policy and will be used specifically for the business/processing purpose of the event. You should be aware that we may share your details with our approved vendors for this event to be handled successfully.
Network Security Consultant (Strata)
Security Architect Job 279 miles from Plattsburgh
Piper Companies is seeking a Network Security Consultant (Strata) to join a premier cybersecurity organization. The Network Security Consultant will provide guidance and technical support to clients deploying our security integrations. This position will be onsite in New York City!Responsibilities of the Network Security Consultant include:Communicate with customers, sales teams, peers, engineering, and support teams as appropriate Understand customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating PlatformOptimize and migrate policies and objects from the existing environment to our Next-Gen FirewallTest and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Collaborate with customer's security & network teams to build confidence across the business units impacted by the change to Palo Alto NetworksQualifications for the Network Security Consultant include: 5 years of experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN, general routing and switching) Experience in 7k and 9k environments High level of experience with Panorama and log collectors NGFW and Global Protect expertise Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products Compensation for the Network Security Consultant includes:Salary: $150,000 - $170,000Comprehensive Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave as required by law, and HolidaysThis job opens for applications on 12/13.
Applications for this job will be accepted for at least 30 days from the posting date.
Keywords: #LI-CR2 #LI-ONSITEStrata NGFW Consultant, Security Integrations, Technical Support, Palo Alto Networks, Panorama, Log Collectors, NGFW, Global Protect, Network Security, BGP, SD-WAN, VXLAN, Firewall Configuration, Security Solutions, CISSP, CCNA, CNSE, JNCIE-SEC, WAN Technologies, Internet Protocols, Digital Security, Security Operations, High-Pressure Environments
Architect
Security Architect Job 279 miles from Plattsburgh
Siegel, formerly Robert Siegel Architects, an award-winning architectural firm based in New York City and Katonah, is known for innovative and future-forward design solutions. The firm focuses on creating buildings that are easy to use and beautiful to look at. With global expertise and a commitment to holistic design, Siegel delivers exceptional projects in various sectors, including student life, public, commercial, and residential. We believe in the transformative power of space-making. In performance-driven architecture. In innovation through lifelong learning. In the value of a well-crafted partnership.
Do you have a passion for architecture and for crafting exquisite spaces and buildings? Do you thrive on the intersection of invention and beauty? Robert Siegel Architects is seeking talented individuals to join our award-winning team, in person, in our offices in Manhattan and/or Katonah, NY.
Qualified candidates must hold a B.Arch and/or M.Arch degree from a school of architecture in the United States and be legally authorized to work in the United States.
The Ideal Candidate has
Outstanding design abilities with a passion for crafting exceptional spaces and interiors
Strong skills in Rhino, Revit, and Lumion
Excellent organizational and communication skills, both written and verbal
The ability to collaborate effectively in teams and within a studio setting
A deep commitment to detail and precision in drawings and designs
Responsibilities
Collaborate on architectural projects ranging from $500,000 to $50 million in construction value
Work on new construction and renovation projects across public, education, arts & culture, commercial, and luxury residential sectors
Develop design concepts and details
Produce technical drawings and models
Work with design teams and contribute to all phases of project development
Contribute to crafting schematic designs, design development, and construction documents
Qualifications
B. Arch or M. Arch degree from a school of architecture in the United States
Minimum of three (3) years of U.S.-based professional experience in architectural design
Proficiency in Rhino, Revit, and Lumion
Fluency in English, both written and spoken
Benefits
Competitive salary
401(k) with employer matching
Paid Time Off (PTO)
Continued learning and mentorship program
Health and medical programs
Submission Requirements
To apply, please email your cover letter, resume, and portfolio as PDFs to work@siegel.design
• Cover letter explaining why you think you would be a good fit for us, and vice versa. If you are not a U.S. citizen, please describe your status to work in the United States.
• Resume
• Portfolio including your academic design work and sample sheets of construction document details that you produced using Revit.
Since 1991, diversity has fueled our innovation and success. Based in New York, we believe that our staff's myriad cultures and backgrounds is essential to generating new ideas and insights into our work. At Siegel, we celebrate and support diversity because it makes our team, work and the built environment better. We are proud to be an equal opportunity workplace and take affirmative action to employ equally regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.
Information Security Analyst- International Bank
Security Architect Job 279 miles from Plattsburgh
International Bank is seeking an Information Security Analyst who will perform duties related to 3rd Party Risk Management, and Operational Risk Management. This position will assist the CISO to manage and maintain the 3rd Party Riks Managment Program and will act a backup to perform Information Security duties as well.
3rd Party Risk Management
Assist in the development and maintenance of the 3rd Party Risk Management Procedure
Manage and maintain the 3rd Party processes including but not limited to regulatory expectations, risk assessments, gap analysis and process
Conduct periodic evaluations and assessments of 3rd Party vendors including the on-boarding and off boarding
Maintain and conduct periodic 3rd party awareness training to key
Prepare key metrics for Management and Committee reporting.
Assist in preparing audit materials as requested by the Internal Audit
2. Operational Risk and Regulatory Reporting
Enhance the Branch's operational risk management
Review RCSA of each group of the Branch upon changes and make challenges including annual review which involves analysis and aggregation of the RCSA
Responsible for tracking record of Operational Risk Reporting in the Branch so that the Branch can monitor and analyze the operational risk incidents as well as confirm the preventive
Engage in identifying, measuring, reviewing, aggregating monitoring, or controlling operational risks within the risk appetite for US operations independently from the business
Report the Branch's operational risk management to Branch senior management, IT & Operational Risk Committee, Branch Oversight Committee and US Risk Committee (the “USRC”) to review
Help USCRO to oversee the activities of CRM who serve as the risk management function for the Branch and determine key risk indicators to be monitored on a regular basis and to ensure that the Branch's business activities are performed within the US risk
Produce a monthly report that summarize the status of operational risk incidents and commentary that includes the result of quarterly RCSA checking to senior management on a monthly
3. Information Security
Act as a secondary/back-up to perform Information Security tasks, reviews and user administration.
Requirements
Bachelor's degree in Information Security, Computer Science or related field
Knowledge of 3rd Party Risk
Knowledge/experience of Operational Risk
Knowledge of Windows, Windows servers including active Directory and AS400
Knowledge of security tools such as Anti-Virus, Vulnerability Scanner and SIEM
In-depth understanding of Information Security Administration.
Professional Security certification not required but a
Knowledge of information security related topics such as FFIEC, NYDFS Part500, ISO 270XX,
Intermediate Architect
Security Architect Job 279 miles from Plattsburgh
Kinlin Rutherfurd Architects is currently seeking an Intermediate Architect with strong design and technical skills and 3-5 years of experience. The right candidate will be highly motivated; detail oriented, and will have excellent verbal and written communication skills. Proficiency in 3D modeling is a plus.
Ideal candidates will meet the following requirements:
A professional degree (advanced degree preferred)
A minimum of 3+ years experience
Proficient in AutoCAD and Adobe
Self-motivated, organized, and resourceful
Currently living in the NYC metropolitan area and legally able to work in the United States
Kinlin Rutherfurd Architects is a design firm focused on creating high quality, timeless architecture which is thoughtfully detailed and tailored to its context. We specialize in high end residential projects including townhouses, private apartments, country homes, and multi-family buildings.
Intermediate Architect
Security Architect Job 279 miles from Plattsburgh
IMC Architecture is a boutique firm looking for a talented individual to help grow our practice. Our work includes ground-up and renovation of medium to large-scale multi-family residential, commercial, and mixed-use projects.
IMC is currently seeking a candidate for Intermediate Architect with a minimum of 4-7 years of experience with expertise in Building Information Modeling. US experience required. Candidates must be self-motivated, reliable, and able to manage all aspects of a project.
Responsibilities:
Integral team member for mixed-use, residential, education, and institutional projects, from feasibility through construction administration.
Site surveying of existing architectural conditions.
Assist in the preparation of technical drawings as well as design and conceptual presentation imagery.
Interface with Clients, Consultants, the Project Manager, and the Project Architect, as well as other Architectural team members. Coordinate individual work scopes with the rest of the project team.
Participate in the coordination of design and production of all phases, schematic design, design development and construction documents.
Assist with bid period and construction administration services, including site visits and coordination with the owner - private and/or public agency.
Candidate Qualifications:
High proficiency in Revit.
Strong communication and client interface skills.
Demonstrated project delivery experience, including production & coordination of drawings for all architectural phases.
Knowledge of construction materials, details, and methods.
Working understanding of the NYC codes and zoning.
Relevant NYC experience.
Experience in the Construction Administration phase.
Motivate and inspire team members throughout the project.
Bachelor's or Master's degree in Architecture.
4-7 years of professional experience in an architectural office.
Schedule:
In-office
We seek highly motivated individuals willing to take on responsibility and grow with our team. We encourage people who are detail-oriented, collaborative, and eager to take on challenges to contact us.
The salary range for this position is $75,000-$85,000, subject to adjustment based on the candidate's experience, skills, and references' feedback.
Qualified individuals should:
Submit PDF resumes and work samples (not to exceed 5 MB) to: ****************
Provide salary requirements in the body of your cover letter. *Applications without salary requirements will not be considered.
Principal OT Security Architect
Security Architect Job 164 miles from Plattsburgh
**Hello. We're Haleon** **.** A new world-leading consumer health company. Shaped by all who join us. Together, we're improving everyday health for billions of people. By growing and innovating our global portfolio of category-leading brands - including Sensodyne, Panadol, Advil, Voltaren, Theraflu, Otrivin, and Centrum - through a unique combination of deep human understanding and trusted science. What's more, we're achieving it in a company that we're in control of. In an environment that we're co-creating. And a culture that's uniquely ours. Care to join us. It isn't a question.
With category leading brands such as Sensodyne, Voltaren and Centrum, built on trusted science and human understanding, and combined with our passion, knowledge and expertise, we're uniquely placed to do this and to grow a strong, successful business.
This is an exciting time to join us and help shape the future. It's an opportunity to be part of something special.
**About the role**
The **Principal OT Security Architect** is a critical role in the Digital and Tech Information Security organization supporting our OT Manufacturing sites to maintain the highest level of service availability and keep our network security levels ahead of our business demands, while pushing for more standardization through automation. The Principal OT Security Architect will assess, improve, and maintain the network security of the global manufacturing Operations Technology (OT) environment, and build new processes & procedures and develop guidelines for the business to adhere to. The Principal OT Security Architect will assess, improve, and maintain the cybersecurity posture of Global Manufacturing Operational Technology (OT) environment including Industrial Control Systems (ICS), Factory Automation systems and others as needed.
**Role Responsibilities**
+ Lead all aspects of architectural activities for a technology domain, or architectural practice area, or manage the development of solution architectures for projects or programs within a business area.
+ Define standards and direction of architecture in the specific business or technical domain. Define and develop the logical design and information management strategies vital to store, move and manage data in a new target state.
+ Create architecture patterns to suggest the most adequate utilization of technical platforms in support of the holistic solution architecture design.
+ Define, design, apply and support security controls to OT systems in our sites and own and define the architectural security standards for OT
+ Analyzes, designs, and develops roadmaps and implementation plans based upon a current vs future state.
+ Develop and implement measures, tools, and technology to monitor compliance with company security policies and procedures, laws and regulations.
+ Leads the research and analysis of new security trends relating to OT security network.
+ Manages relationships with engineering teams and collaborates with teams across the organization to ensure network security levels are maintained at the highest level.
+ Explores raw network traffic & performs in-depth data analysis utilizing various tools.
+ Create useful and creative data queries & relevant dashboards and reports to key stakeholders.
+ Initiation, Prioritization, and design of R&D work based on customer needs.
+ Optimize operational excellence and ensure best practices for security are followed.
+ Serve on various forums (e.g., Information Security / OT Lead Teams) to analyze projects, programs, and products to ensure they are technological sound, will do no harm, and will deliver the expected outcomes.
+ Recognize the value of emerging technologies and practices with intent to accelerate cybersecurity capabilities for manufacturing and lab environments.
+ Develop and implement measures, tools, and technology to monitor compliance with company security policies and procedures, laws, and regulations.
+ Provides technology guidance, collaboration and mentoring of key stakeholders and teams; develops and motivates to create a positive culture and working environment
**_Why you?_**
**Basic Qualifications:**
+ Bachelor's degree in Computer Engineering, Electrical Engineering, Computer Science, or a related technical field
+ Expertise working with security programs and network architectures.
+ Solid foundation in network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and other general IT knowledge.
+ Understanding of Security threat modelling, vulnerability assessments and pen-testing.
+ Ability to present technical design proposals and reports to customers and/or other senior engineering, management, and government groups in clear, complete, concise, and non-ambiguous terms.
+ Excellent presentation, written and verbal communication skills; ability to clearly communicate and have excellent consulting skills.
+ Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action.
**Preferred Qualifications:**
+ CISSP, GICSP, CISM or CFSE/CFSP certification preferred.
+ CCIE or CCNP certification desired
+ Claroty, Zscaler, and Azure experience desired
+ 5+ years of Security experience working with cybersecurity frameworks, such as IEC62443, NIST (CSF) Cyber Security, and/or SANS CIS control frameworks.
+ Open-minded, flexible, and thrive in a highly dynamic, fast-paced, ever-changing environment.
+ Sound knowledge on Industrial Control Systems ICS environment including design, protocols, and integration (OT 4.0 experience)
+ Exposure of onsite travelling, site audit/security audit would be plus.
**Embrace Flexibility with Haleon**
**Location:** This exciting opportunity offers a flexible hybrid work arrangement, allowing you to contribute from our Warren, NJ office as needed, or remote from EST or CST time zones.
We believe in an agile working culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.
Please save a copy of the job description, as this may be helpful to refer to once the advert closes.
Haleon offers a robust Total Reward package that consists of competitive pay and a comprehensive benefits program. This includes a generous 401(k) plan, tuition reimbursement and time off programs including 6 months paid parental leave. On day one, you are eligible for benefits, including our healthcare programs where the company pays for the majority of your medical coverage for you and your family. We also offer the opportunity to receive a discretionary bonus based on the achievement of key business performance and other incentive/recognition programs as part of the offering. **The salary range for this role is: $135,868 to $170,000 plus a 18% bonus.**
\#Li-Hybrid
Care to join us. Find out what life at Haleon is really like ***********************
At Haleon we embrace our diverse workforce by creating an inclusive environment that celebrates our unique perspectives, generates curiosity to create unmatched understanding of each other, and promotes fair and equitable outcomes for everyone. We're striving to create a climate where we celebrate our diversity in all forms by treating each other with respect, listening to different viewpoints, supporting our communities, and creating a workplace where your authentic self belongs and thrives. We believe in an agile working culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.
As you apply, we will ask you to share some personal information, which is entirely voluntary. We want to have an opportunity to consider a diverse pool of qualified candidates and this information will assist us in meeting that objective and in understanding how well we are doing against our inclusion and diversity ambitions. We would really appreciate it if you could take a few moments to complete it. Rest assured, Hiring Managers do not have access to this information and we will treat your information confidentially.
Haleon is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.
Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, Haleon may be required to capture and report expenses Haleon incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure Haleon's compliance to all federal and state US Transparency requirements.
Hello. We're Haleon. A new world-leading consumer healthcare company. Shaped by all of us. Together, we're improving everyday health for millions of people. By growing and innovating our global portfolio of category-leading brands - including Sensodyne, Panadol, Advil, Voltaren, Theraflu, Otrivin, and Centrum - through a unique combination of deep human understanding and trusted science. What's more, we're achieving it in a company that we're building together. In an environment that we're co-creating. And a culture that's uniquely ours. Care to join us. It isn't a question.
Senior Security Architect
Security Architect Job 279 miles from Plattsburgh
This role requires onsite work in NYC; this is not a remote role.OverviewThe Senior Security Architect will focus on enhancing the effectiveness of cybersecurity practices, increasing automation, and integrating security measures into the development pipeline. This role involves hands-on oversight of key security tools and processes to ensure the organization's security posture is continuously improving.This position will have a wide breadth of access across the cybersecurity tools ecosystem and will focus on adoption, automation, and continuous improvements. This includes tools across the security landscape - vulnerability management, configuration management, SIEM/Logging, access management, secure application development practices, SOAR, etc. The role will interface with key stakeholders across the business including other technology teams and business department leaders and have significant influence on the cybersecurity ecosystem and focus on the hands-on execution of security measures, including implementing, optimizing, automating, and troubleshooting technical defenses.We are looking for someone we can count on to:Manage:Cybersecurity tools and processes Technical systems and capabilities including automation and distribution Relationships with technology partners Roadmap of improvements and enhancements Relationships across engineering teams (networking, devops, systems, app dev, etc.) Teach:General cybersecurity awareness and business justifications Best practices employed to secure computing environments Methods of using available toolsets to improve overall cyber posture Work closely with other departments to ensure understanding of cybersecurity Work with colleagues across the business to ensure clear expectations are set Learn:NYPL's cybersecurity tools Automation mechanisms - SOAR, scripting, APIs, etc.Understand Library's unique place in providing network access as a means to accomplish its mission.NYPL's business and services to better understand the organization's risk profile.Emerging technologies that simplify security management Improve:Operational efficiency General awareness of cybersecurity Cohesion amongst toolset Security posture management across engineering teams Some expectations for this role are that within:1 month, this person will:Understand the organization's risk profile and cybersecurity tools Assess current cybersecurity technical processes and identify potential areas for improvement Begin engaging with key stakeholders across security, development, and infrastructure teams3 months, this person will:Start implementing approved improvements or automation for routine security tasks; being actively hands-on on these platforms and systems (Windows, Linux, Networking) Enhance integration between security tools for improved visibility and incident response Begin incorporating security testing into the development pipeline6 months and beyond, this person will:Fully integrate security testing suggestions into the development workflow Continue refining automation processes and security practices across infrastructure Propose ongoing improvements based on performance metrics Responsibilities: Oversee the management and optimization of key cybersecurity tools and processes, including vulnerability and configuration management, SIEM, secure development practices, and other common technologies Implement automation and process improvements for routine security tasks to improve operational efficiency Integrate security testing and secure development practices into the CI/CD pipeline for continuous security coverage Assess and report on the organization's cybersecurity posture, recommending improvements based on identified risks Collaborate with stakeholders across technology teams and business units to ensure alignment with cybersecurity initiatives Provide security guidance and training to teams to increase cybersecurity awareness and best practices Stay informed on emerging security technologies and trends to enhance the cybersecurity ecosystem This role requires onsite work in NYC; this is not a remote role.
Overview
The Senior Security Architect will focus on enhancing the effectiveness of cybersecurity practices, increasing automation, and integrating security measures into the development pipeline. This role involves hands-on oversight of key security tools and processes to ensure the organization's security posture is continuously improving.
This position will have a wide breadth of access across the cybersecurity tools ecosystem and will focus on adoption, automation, and continuous improvements. This includes tools across the security landscape - vulnerability management, configuration management, SIEM/Logging, access management, secure application development practices, SOAR, etc.
The role will interface with key stakeholders across the business including other technology teams and business department leaders and have significant influence on the cybersecurity ecosystem and focus on the hands-on execution of security measures, including implementing, optimizing, automating, and troubleshooting technical defenses.
We are looking for someone we can count on to:
Manage:
* Cybersecurity tools and processes
* Technical systems and capabilities including automation and distribution
* Relationships with technology partners
* Roadmap of improvements and enhancements
* Relationships across engineering teams (networking, devops, systems, app dev, etc.)
Teach:
* General cybersecurity awareness and business justifications
* Best practices employed to secure computing environments
* Methods of using available toolsets to improve overall cyber posture
* Work closely with other departments to ensure understanding of cybersecurity
* Work with colleagues across the business to ensure clear expectations are set
Learn:
* NYPL's cybersecurity tools
* Automation mechanisms - SOAR, scripting, APIs, etc.
* Understand Library's unique place in providing network access as a means to accomplish its mission.
* NYPL's business and services to better understand the organization's risk profile.
* Emerging technologies that simplify security management
Improve:
* Operational efficiency
* General awareness of cybersecurity
* Cohesion amongst toolset
* Security posture management across engineering teams
Some expectations for this role are that within:
1 month, this person will:
* Understand the organization's risk profile and cybersecurity tools
* Assess current cybersecurity technical processes and identify potential areas for improvement
* Begin engaging with key stakeholders across security, development, and infrastructure teams
3 months, this person will:
* Start implementing approved improvements or automation for routine security tasks; being actively hands-on on these platforms and systems (Windows, Linux, Networking)
* Enhance integration between security tools for improved visibility and incident response
* Begin incorporating security testing into the development pipeline
6 months and beyond, this person will:
* Fully integrate security testing suggestions into the development workflow
* Continue refining automation processes and security practices across infrastructure
* Propose ongoing improvements based on performance metrics
Responsibilities:
* Oversee the management and optimization of key cybersecurity tools and processes, including vulnerability and configuration management, SIEM, secure development practices, and other common technologies
* Implement automation and process improvements for routine security tasks to improve operational efficiency
* Integrate security testing and secure development practices into the CI/CD pipeline for continuous security coverage
* Assess and report on the organization's cybersecurity posture, recommending improvements based on identified risks
* Collaborate with stakeholders across technology teams and business units to ensure alignment with cybersecurity initiatives
* Provide security guidance and training to teams to increase cybersecurity awareness and best practices
* Stay informed on emerging security technologies and trends to enhance the cybersecurity ecosystem
Required Education, Experience & Skills
Required Education & Certifications
* Bachelor's degree preferred, but not required
Required Experience
* 5+ years administering cybersecurity tools
* Prior experience as a technologist in a role of systems engineering, network engineering, or application development
* Experience collaborating across IT support groups and business units
Required Skills
* Deep technical expertise within at least one domain of technology - systems (windows/linux), networks, or application development.
* Hands-on automation experience using scripting and or specific cybersecurity tools, etc.
* Strong understanding of cybersecurity concepts and hands-on experience with tools aligned with the NIST framework, including vulnerability management, SIEM, vulnerability/patch management, and endpoint protection
* Proficiency in integrating security testing and secure development practices into CI/CD pipelines
* Experience automating security processes and workflows to improve operational efficiency
* Strong analytical skills to assess risks, identify gaps, and propose security improvements
* Ability to communicate effectively with technical and non-technical stakeholders to drive security initiatives
* Knowledge of cloud security principles and practices across modern infrastructure environments
* Familiarity with secure coding standards and application security practices
Managerial/Supervisory Responsibilities
* N/A
More...
Core Values
All team members are expected and encouraged to embody the NYPL Core Values:
* Be Helpful to patrons and colleagues
* Be Resourceful in solving problems
* Be Curious in all aspects of your work
* Be Welcoming and Inclusive
Work Environment
* Office setting
Physical Duties
* Lift/move equipment up to 25 lbs
Pre-Placement Physical Required?
* No
Union/Non Union
Non-Union
FLSA Status
Exempt
Schedule
* Occasionally travel to NYPL sites
* Hybrid 3 - in office / 2 - remotely; as workload permits
* Available on-call after hours and weekends for emergencies
This job description represents the types and levels of responsibilities that will be required of the position and shall not be construed as a declaration of all of the specific duties and responsibilities for the role. Job duties may change if Library priorities change. Employees may be directed to perform job-related tasks other than those specifically presented in this description as needed.
The New York Public Library Salary Statement
At the Library, we believe that pay transparency and pay equity are important to ensuring we source the best candidates and keep the best employees. When making a determination as to the appropriate salary for a candidate, we consider a variety of factors such, including, but not limited to, the position requirements, the skills, prior experience, and educational background required or preferred for the job, the scope and impact of the role within the organization, internal peer equity, and the candidate's specific training, experience, education level, and skills. No single factor is conclusive; the Library reserves the right to consider any and all relevant factors and make a decision consistent with its policies.
Union Salaries are determined by collective bargaining agreement(s).