Security engineer jobs in Islip, NY

Lead Security Engineer - Hands-On Role with Leadership Opportunity We're looking to hire a senior-level Security Engineer who's ready to step up and take the lead. Someone who's still very hands-on technically but also enjoys mentoring others, setting direction, and building scalable solutions that make a real difference. Title: Lead Security Engineer Salary: $160,000 to 190,000 +Bonus Location: Queens, NY (Hybrid) This role sits at the center of engineering, operations, and security-you'll be working directly with software and infrastructure teams to make sure security is embedded into everything we do. You won't just be managing tools; you'll help shape how security is done across the company. If you're based in the NYC area and looking for the next serious step in your career-where your ideas are heard and your work actually drives change-this is worth a conversation. What the Role Looks Like: You'll lead and mentor a small but growing team of security engineers, helping them grow while staying deep in the tech yourself. Work with internal teams to design and implement security solutions-cloud security, PAM, app and system hardening, etc. You'll be the one connecting the dots between development, infrastructure, and security-building relationships across teams and making sure security is part of the process from the start. Help optimize and improve the tools we already have, and figure out what's missing. What We're Hoping You Bring: A few years of experience leading or mentoring other security engineers-you don't need to have managed huge teams, but you've helped others level up. Solid technical background (5+ years in security engineering) and experience with on-prem and cloud security solutions (AWS or Azure). Hands-on knowledge of privileged access, identity management, system hardening, and network security. Strong instincts for risk, practical problem-solving, and keeping systems both secure and usable. Someone who communicates clearly, doesn't get lost in buzzwords, and works well with people across teams. Nice to Have, But Not Dealbreakers: Certifications like CISSP, CEH, CISM Experience with Linux security or scripting Familiarity with CI/CD pipelines and how security fits into DevOps Why This Role Might Be Right for You: You're ready for more responsibility and leadership, but don't want to give up the technical side of the work. You want to be part of a stable company with real backing and complex challenges to work on.

JOB FUNCTION The Cybersecurity Engineer will be responsible for implementing and maintaining the firm's cybersecurity technology solutions, monitoring for security incidents and vulnerabilities, coordinating end user activities, and participating in the investigation and response of any breaches or attacks. The ideal candidate will be a self-starter who can work both independently and collaboratively with diverse technical and business teams. He or she will report to the Chief Information Security Officer. Additional responsibilities include: Managing the vulnerability management program, including internal and external scanning, monitoring threat feeds, news sources, and vendor bulletins for risks and tracking remediation Maintaining and monitoring control baselines, hardening standards, asset/coverage metrics, and configuration compliance Monitoring and documenting key performance indicators (KPIs) and governance, risk, and compliance (GRC) evidence Suggesting and evaluating new technologies Educating employees on security best practices to reduce the risk of human error Collaborating with the Cloud, Systems, Network, Database, Desktop, and Development engineering teams on risk identification, analysis, and remediation Assisting with vendor due diligence Assisting with physical security infrastructure projects, maintenance, and updates QUALIFICATIONS The ideal candidate should have the following experience: 3+ years of experience in a Security Engineer role Proficiency with managing EDR solutions, SIEM, network security, cloud security, mobile security, vulnerability management, identity and access management, encryption, and a solid understanding of operating systems like Windows and Linux Strong ability to analyze security data, identify threats, and create effective solutions Ability to document and communicate technical information clearly to both technical and non-technical audiences Scripting/automation experience a plus The ideal candidate possesses the following traits: Creativity: the ability to deploy different approaches and be resourceful. Intellectual curiosity: passion for learning and investigating a broad range of subject matter; satisfaction derived from the consumption and understanding of information and increasing knowledge base. Accountability: ownership of individual responsibilities and work product. Strong people skills: ability to build relationships internally and externally and to be versatile in engaging with different constituents.

Job Title: Sr. Cybersecurity Risk Analyst Duration: 24+Months Responsibilities: Build new risk processes and implement risk frameworks to enable better monitoring and evaluation of risks across the City; Manage complex, cross-functional projects, pushing through ambiguity and challenges which may arise; Work with stakeholders across various divisions, soliciting input and working through feedback; Evaluate risk of third parties used by New York City agencies; Document and track remediation of risks in the Risk Register; Review and analyze various cybersecurity risk cases, justification, and exceptions documents submitted by agencies; Assist in the development of cybersecurity risk assessment procedures and testing methodologies based on established frameworks and guidelines; Initiating corrective actions to remediate vulnerabilities or weaknesses where necessary; Engage in communications with NYC Agencies; Handle special projects and initiatives as assigned. Required Sklls: A minimum of 4 years of experience in risk management or cybersecurity risk assessment or 4 years of experience evaluating and managing third parties in a cybersecurity team. DESIRABLE SKILLS/EXPERIENCE: BS/BA degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field. One or more of the following certifications are a plus: Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Certified Information Security Manager (CISM) CompTIA Security+ CompTIA Network+ CompTIA A+ CompTIA CySA+ Cisco Certified Network Associate - CCNA CEH: Certified Ethical Hacker GIAC Information Security Fundamentals (GISF) GIAC Security Essentials (GSEC) (ISC)2 Systems Security Certified Practitioner (SSCP) Ability to work effectively in a team environment. Being highly organized, motivated and a self-directed professional. Knowledge of hardware, software, data, and network principles and systems related to Private and/or Public Sectors services. Understanding of commonly used computer operating systems, databases, network structures. Familiarity with cybersecurity framework(s) (NIST, SANS, PCI, ISO 27001/27002, or CIS) Investigative and analytical skills. Excellent oral and written communication skills; Knowledge of the current and evolving cyber threat landscape; Knowledge of laws, regulations, policies, and ethics related to cybersecurity and information privacy;

The Team: The Security Engineering Lead will be responsible for designing, building, and maintaining the organization's security infrastructure. This role requires a highly skilled professional who can lead a team of engineers, implement innovative security solutions, and ensure the resilience of the organization's systems and networks. The ideal candidate will have extensive experience in security engineering, a strong technical background, and the ability to manage and deliver complex security projects. **This Role does NOT provide sponsorship** Salary: $150k-$190k base w/ 20% bonus Responsibilities: Leadership and Management: Lead and mentor a team of security engineers, fostering a culture of continuous learning and innovation. Build and scale a global team to meet organizational needs. Architecting Security Solutions: Assist teams in designing and implementing advanced security solutions, including cloud security, privilege access management and application/system security. Collaboration: Partner with software development, infrastructure, and operations teams to embed security into the development lifecycle and operational processes. Performance Optimization: Regularly evaluate and optimize existing security tools and technologies to ensure maximum efficacy and efficiency. Training and Knowledge Sharing: Develop and deliver technical security training to engineers and other staff, ensuring a strong organizational security posture. Documentation and Reporting: Create detailed documentation for security systems and processes, and provide regular project reports senior management. Required Skills and Experience: Experience (3+ year) in people leadership roles, nurturing security engineers into high-performing teams. Experience (5+ years) in a security engineering role, focusing on designing and implementing security solutions and managing security infrastructure, both on-premise and cloud. Experience working with privilege and identity management solutions. Experience with operating system security and system hardening. Knowledge of network security principles, protocols, and technologies. Strong analytical and problem-solving skills, with the ability to assess risks and develop appropriate security controls. Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. Ability to work independently, prioritize tasks, and manage multiple projects simultaneously. Strong leadership skills, with the ability to mentor and guide junior team members. Skills and Experience That Would Help You Stand Out: A bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is a plus. Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) are highly desirable. Linux security experience Familiarity with DevSecOps and integrating security into CI/CD pipelines. Scripting experience.

Contact Details: 1.Poonam Khandelwal Email: poonam.khandelwal@peer-consulting.com Cell: (732) 797-9766 Job Title: Cyber Command Forensic Analyst Duration: 48 months Years of Experience: 8+ years Required Hours/Week: 35hrs/week Job Description: The forensics Analyst will investigate network intrusions and other cyber incidents to determine cause, extent and consequences of the breach. Research and develop new techniques, and procedures to continually improve the digital forensics process. Produce high quality written work product presenting complex technical issues clearly and concisely. Managing and maintaining the analysis labs and forensics tools leveraged for investigations. Ensuring data is collected and preserved within industry standard best practices and in alignment evidence integrity requirements. Assisting the Cyber Emergency Response Team during critical incidents. Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based forensic analysis. Mandatory Skills/ Experience: Candidates who do not have the mandatory skills will not be considered. Minimum 4 years of experience in Threat Management/Forensics Investigations/Incident Response environment Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools. Desirable Skills/ Experience: Experience with a wide range of forensic tools (FTK, X-Ways, SIFT, AXIOM, EnCase, etc.) Experience with memory analysis tools (i.e. Volatility, MemProcFS) Experience with Linux and open source tools Experience investigating intrusions on Windows and Linux/Unix operating systems Experience with performing forensics collections in cloud environments (AWS, Azure, GCP) Knowledge of gathering, accessing, and assessing evidence from computer systems and electronic devices Knowledge of virtual environments Knowledge of forensic imaging techniques Knowledge of Microsoft Windows operating system and Windows artifacts Knowledge of Linux/UNIX operating systems and artifacts Knowledge of mac OS operating system and forensics artifacts Knowledge of file systems Strong analytical skills

We are seeking a highly skilled and motivated CyberArk PAM Administrator to support the deployment, configuration, and ongoing management of privileged access management (PAM) and cybersecurity technologies. This role is ideal for a cybersecurity professional who enjoys working in collaborative environments, driving secure system design, and supporting enterprise-scale security initiatives. The successful candidate will play a key role in implementing new cybersecurity solutions, supporting infrastructure upgrades, and ensuring systems are secure, reliable, and well-documented. This position offers the opportunity to work with modern security platforms while contributing to the organization's overall cyber maturity and growth. Key Responsibilities Implement and support new deployments of cybersecurity technologies, including CyberArk PAM and related security products. Assist with infrastructure upgrades to support application growth and evolving cybersecurity requirements. Configure, deploy, and maintain systems in accordance with security best practices and architectural standards. Troubleshoot and support all aspects of CyberArk Privileged Access Management, including onboarding, vault management, and access controls. Develop and maintain technical documentation, procedures, and runbooks for daily operations and major initiatives. Propose and document system architectures for secure and scalable deployments. Collaborate with internal teams, vendors, and stakeholders to ensure successful technology implementations. Patch, maintain, and monitor security platforms to ensure system stability and compliance. Train team members and end users on new systems and security processes as needed. Follow up promptly with stakeholders to address issues, changes, and enhancements. Required Skills / Education Proven experience as a CyberArk Administrator or in a similar Privileged Access Management role. Hands-on experience troubleshooting and supporting CyberArk PAM components. Strong understanding of cybersecurity principles, access control, and secure system administration. Ability to create clear, detailed technical documentation and operational procedures. Excellent written and verbal communication skills, with the ability to work effectively across technical and non-technical teams. Preferred Qualifications Experience with scripting or programming languages. Hands-on experience with PowerShell. Familiarity with enterprise infrastructure environments and security integrations. Strong interpersonal skills and the ability to collaborate with stakeholders at all organizational levels. About Seneca Resources At Seneca Resources, we are more than just a staffing and consulting firm-we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact. When you work with Seneca, you're choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way. Seneca Resources is proud to be an Equal Opportunity Employer and is committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.

This role is for a mid-to-senior Security Engineer who thrives in a lean, high-performance environment and takes a hands-on, engineering-first approach to security. You will operate as a generalist within a small security team, owning the design, build, and evolution of security systems that protect a highly technical organization with many proprietary platforms. This is not an analyst role; the focus is on building, integrating, and improving security capabilities end to end, with a strong emphasis on problem solving, automation, and how systems work together. You will design and implement enterprise-grade security monitoring, detection, and response solutions, integrating commercial tools and developing custom capabilities tailored to the environment. While the role includes reviewing and triaging alerts from detection and response platforms, the core responsibility is continuously improving detection quality, response workflows, and overall security posture. You will engineer and tune detections using structured data and JSON-based queries, develop automated response and orchestration workflows, and drive improvements across the full incident lifecycle. The position requires close collaboration with teams across the organization, translating security risks and technical concepts into clear, practical language for non-security stakeholders. You will partner with engineering, infrastructure, and product teams to embed security into systems and workflows, applying strong security principles that are portable across technologies rather than tied to a single toolset. The environment is fast-moving and production-heavy, with ongoing adoption of AI-driven technologies and modern development practices. The ideal candidate has several years of experience in security engineering, preferably in a fintech, startup, or similarly high-tech environment, and is accustomed to operating outside of large, siloed security teams. You bring strong hands-on experience with cloud and endpoint security platforms such as Azure, Microsoft Defender, and Elastic, with exposure to tools like Zscaler and Purview considered a plus. You are comfortable coding and scripting, particularly in Python, working with Git-based workflows, and applying infrastructure-as-code concepts. Experience building and operating detection and response systems, security orchestration and automation platforms, and threat-informed defenses is essential. They'll need someone who's fully authorized to work in the US without any sponsorship / visa (cannot support H1B).

Akkodis is seeking a Cybersecurity Operations Specialist role is a Direct hire with a client located in NYC 10022 (Hybrid). Ideally looking for applicants to have a solid background in Security operations, SOC, Financial services, FINRA, SEC would come as a big plus. Salary Range: $130k-$140k/Annum + Benefits, The salary may be negotiable based on experience, education, geographic location, and other factors. We are seeking a Cybersecurity Operations Specialist to join our security operations team and play a hands-on role in monitoring, protecting, and improving the firm's cybersecurity posture. This position focuses on day-to-day security operations, vulnerability management, and incident response across our on-premise and cloud environments (AWS and Microsoft 365). The ideal candidate has strong technical knowledge of endpoint protection, identity management, and network security, combined with an analytical mindset and attention to detail suitable for a regulated financial environment. Key Responsibilities: Security Operations & Monitoring Monitor and investigate alerts from CrowdStrike Falcon XDR, Microsoft Defender, and Intune. Conduct triage and escalation of suspicious activities in coordination with infrastructure and IT teams. Maintain visibility and reporting through Tenable Security Center and Nessus vulnerability scans. Support log analysis, correlation, and event tracking through integrated dashboards or SIEM platforms. Vulnerability & Patch Management Perform routine vulnerability assessments and track remediation status. Collaborate with system administrators to ensure timely patching of Windows, Linux, and network devices. Validate risk reduction and patch compliance before closing findings. Endpoint & Identity Security Administer and monitor Symantec Endpoint Protection Manager (EPM) and Microsoft Intune policies. Enforce endpoint encryption (Corporate Laptop), application control, and posture management. Manage Microsoft Entra (Azure AD) identity policies, MFA enforcement, and conditional access rules. Review privileged account usage and assist in quarterly access recertification. Network & Cloud Protection Support network segmentation, VPN access, and firewall change reviews on Juniper platforms. Monitor ZScaler logs for anomalous web traffic or policy violations. Assist with AWS and Microsoft 365 security baselines, configuration hardening, and identity governance. Security Awareness & Compliance Administer and report on employee phishing and training campaigns via KnowBe4. Support audit requests (FINRA, SEC, SOC1/2) by preparing evidence and log samples. Maintain documentation of incidents, vulnerabilities, and security control tests. Incident Response & Reporting Participate in incident containment, investigation, and remediation. Collect forensic artifacts (logs, screenshots, binaries) as directed by the CISO. Prepare post-incident summaries and lessons-learned documentation. Qualifications: Required Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience). 3-5 years of experience in security operations, SOC, or IT security support. Working knowledge of EDR/XDR platforms (CrowdStrike, Defender), vulnerability scanners (Nessus), and firewall/IDS systems. Understanding of Windows/Linux administration, TCP/IP networking, and cloud identity management. Strong analytical, documentation, and communication skills. Preferred Experience with regulated financial institutions (FINRA, SEC, NFA, CFTC). Certifications such as CompTIA Security+, CySA+, Microsoft Certified: Security Operations Analyst, or GIAC GSEC. Familiarity with scripting or automation (PowerShell, Python) for security tasks. If you are interested in this role, then please click APPLY NOW. For other opportunities available at Akkodis, or any questions, feel free to contact me at *********************************. Equal Opportunity Employer/Veterans/Disabled Benefits offerings include but are not limited to: • 401(k) with match • Medical insurance • Dental Insurance • Vision assistance • Paid Holidays Off To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit ****************************************** The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable: · The California Fair Chance Act · Los Angeles City Fair Chance Ordinance · Los Angeles County Fair Chance Ordinance for Employers · San Francisco Fair Chance Ordinance

You will provide guidance and technical support to clients deploying security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success. Your thorough understanding of our product integrations contributes to the development of new principles and concepts - providing detailed analysis around what's working, what's not, and what could be better. You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You're creative, innovative, and you love a challenge - learning how integrations might work better around new products and technologies. Responsibilities Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating Platform Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall Test and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Some travel may be required, dependent on customer request You work with the customer's security & network teams to build confidence across the business units impacted by the change Experience High level of experience with Panorama and log collectors NGFW Global Protect BS in Computer Science, MIS, business, or equivalent education/training/experience Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching) Minimum of 3 years' experience leading security solutions in large environments) Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products You're experienced in internetworking, LAN, and WAN technologies You have a good understanding of Internet protocols and applications Any of the following industry certifications or equivalent experience is a plus: CISSP, CCNA, PCNSE, JNCIE-SEC You effectively handle multiple projects and work calmly in high pressure You're an excellent writer, with strong verbal communication skills, with demonstrable ability to communicate to senior leaders and technical peers

This young and agile company, providing identity risk solutions is currently seeking a Senior Cloud Security Engineer with a focus on Infrastructure and Security to join their growing team. You will assist with the continuous maturation of their Cloud Security services within the Security division. This is an excellent opportunity for an experienced Cloud Security Engineer with experience in both Infrastructure and Security to take the next step into a challenging position with a company offering significant growth potential. About the Company: Founded in the last 10 years, they are one the fastest growing companies in their space. They are a fast-growing company that have built a platform that allows finance organisations and fintechs to strengthen their security defences. Their mission is to allow companies to manage their identity and fraud risk. Everything they do is entrenched in achieving engineering excellence. Their culture is not corporate, and they like to trust their employees to take on a lot of responsibility and have input into the shape of growth of the organisation. About the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: What you will be doing: • Serve as a cloud security subject matter expert, advise on and implementing best practices • Respond to security incidents and provide timely and appropriate solutions • Conduct cloud security risk assessments and audits • Conduct investigations into security incidents and potential threats • Take part in on call rotations for incident response and remediation • Assist with policy management, security audits, and due diligence for cloud security concerns • Advise on, configuring, and managing a variety of security tools • Keep informed about and respond to emerging security threats and vulnerabilities • Assist with cloud security reviews of potential vendors Ideal Requirements for the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: • Several years of experience working in a similar role with a focus on Cloud Security in AWS • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc. • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response • Experience taking part in an on-call rotation • You are passionate about securing infrastructure, reducing risk, and protecting data! • You are a subject matter expert on cloud security in AWS • You have a solid understanding of network architecture and protocols • You can advise on cloud security policies and procedures Apply to the Role: Roles like these are snapped up very quickly, so act now if you do not want to miss out! Reply to this advert or email your CV to **********************

Senior Cyber Security Engineer, NYC Hybrid (3 Days a week Onsite) Our client is a financial services provider and they're looking for a senior engineer with real depth in Python OO and CyberArk or Swimlane to step into a high impact role. This is a hands-on position in a stable environment where you will own serious engineering problems and build the next generation of identity and PAM controls. What you will work on: • Engineering CyberArk (IAM/PAM) integrations and custom PAM solutions • Building Python based tooling, APIs, and automation that matter • Strengthening enterprise identity platforms across a complex environment • Collaborating with senior architects while still owning the code What we are looking for: • Python object-oriented engineering, not scripting • CyberArk (IAM/PAM) or Swimlane (SOAR) engineering experience • Infrastructure security background • 15+ years' experience in Engineering and/or Cyber Security • Experience in financial services or large enterprise is a plus Who usually fits this role: • Identity and PAM platform engineers • SOAR engineers who build with Python • Infra security engineers tired of purely operational work

8+ years of experience in cybersecurity and network administration roles 5+ years of experience with various firewall platforms (Cisco Meraki, Palo Alto, Fortinet) Experience with endpoint protection, SIEM solutions, and log management tools Proficiency and knowledge of Azure Cloud Networking Knowledge of compliance standards CCNA, CCNP, Azure Network Engineer Associate Telecom Industry experience Experience partnering with 3rd party vendors for escalations This role is responsible for designing, deploying, and maintaining secure, high-performance network solutions across Cisco switches, routers, Meraki office systems, and Firepower/ASA in the data center, all integrated with Azure cloud networking. The position focuses heavily on cybersecurity, including implementing and managing firewalls, intrusion prevention systems, and security appliances, performing vulnerability assessments, and enforcing security policies and incident response protocols. The individual will act as the backend resource for a 3rd party managed service, handling escalations and unresolved threats, while collaborating with internal teams on risk identification and security improvements. Daily tasks include configuring virtual networks and security groups in Azure, managing identity and access controls such as MFA, monitoring network performance, troubleshooting connectivity issues, and optimizing configurations for scalability and security. The role also involves working with SIEM tools for threat detection, generating compliance and performance reports, maintaining documentation, and providing security training to staff. Continuous improvement is key, requiring the candidate to stay current on emerging threats and technologies while ensuring the overall security posture of the environment. This position is a 6 month contract to hire. It is a hybrid position in Bethpage, NY, Tues-Thurs. Insurance and 401K are offered during contract period as well as upon conversion. The converting salary for this role is $145,000-152,000.

Title: Information Security Architect On-site/Remote/Hybrid: Hybrid 3 days onsite/2 days remote. Duration: 12 Months Work Hours: 37.5 Hours/Week. Interview Process: 1-2 Rounds Job Description: This position is responsible for assisting in the development, implementation, and support of security architectures and solutions including security frameworks and roadmaps within the corporate business and Operational units across the agencies. It also includes securing enterprise information by determining security requirements, planning, implementing, and testing security systems with a team player environment. The following desired knowledge, skills, and abilities are required for this position. Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans. Knowledge of common information security management frameworks. Excellent technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity and access management systems, anti-malware solutions, automated policy compliance tools and desktop security tools. Ability to develop, document and maintain security policies, processes, procedures, and standards. Knowledge of network infrastructure including routers, switches, firewalls and the associated network protocols and concepts. Strong analytical skills required to analyze security requirements and relate such requirements to the appropriate security controls. Responsibilities include the following. Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses; studying architecture/platform; identifying integration issues; preparing cost estimates. Plan security systems by evaluating network and security technologies; developing requirements for local area networks, wide area networks, virtual private networks, routers, firewalls, and related security and network devices; designs public key infrastructures, including use of certification authorities and digital signatures as well as hardware and software; adhering to industry standards. Implement security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation. Upgrade security systems by monitoring security environment; evaluating and implementing enhancements. Prepare system security reports by collecting, analyzing, and summarizing data and trends. Track and understand emerging security practices and standards by participating in educational opportunities, reading professional publications and participating in professional organisation.

Sr. Technical Security Engineer, W2 remote Minimum Requirements 5+ years of experience in application or product security, with a track record of securing desktop and mobile applications. Strong understanding of secure architecture for thick clients, including local storage protection, inter-process communication, JavaScript engines, OS-level security features, and web security standards (CSP, same-origin policy, TLS/HTTPS). Experience with mobile (iOS/Android) and desktop (Windows/mac OS/Linux) application security models. Proficiency in GenAI security, modern cryptography, certificate management, secure authentication (OAuth, WebAuthn, FIDO2), and secure session handling. Knowledge of OS-level hardening techniques, sandboxing, privilege separation, and secure use of platform APIs. Hands-on experience with secure coding practices in at least one systems language (C++, Rust, Go) and one application language (Kotlin, Swift, C#). Familiarity with static/dynamic analysis tools, fuzzing, penetration testing, and reverse engineering for client applications. Experience embedding security into the software development lifecycle (threat modeling, code reviews, secure design patterns). Ability to manage incident response and vulnerability remediation for thick client environments. Strong cross-team communication skills and ability to write clear developer-facing security guidelines.

A financial firm is looking for a Chief Information Security Officer (CISO) to join their team in New York, NY. Compensation: $150-200K Responsibilities: Define and maintain the enterprise information security strategy, roadmap, and governance framework, aligned with business objectives and regulatory requirements Draft, maintain, and periodically review security-related policies and procedures Establish and chair/co-chair an Information Security / Cyber Risk Committee and contribute to Board-level reporting on cyber risk Develop and maintain the firm's information security governance framework Lead the firm's SOC 1 (Type 1/Type 2) and SOC 2 (Type 1/Type 2) readiness and ongoing attestation efforts Own the control catalog, control testing coordination, evidence collection, and remediation tracking across technology, operations, and third parties Act as primary security point of contact for external auditors, assessment firms, and key institutional partners Ensure security program alignment with SEC Regulation S-P, Reg S-ID, Reg SCI, SEC / Client cybersecurity expectations, and NYDFS 23 NYCRR 500 Partner with Compliance and Legal to interpret new regulations, assess impact, and implement necessary control and policy changes Maintain and periodically test the Incident Response Plan, Business Continuity and Disaster Recovery (BC/DR) from a security perspective Provide security oversight for cloud (AWS) and on-prem infrastructure, including network security, endpoint security, identity and access management (IAM), and data protection Work with Infrastructure/DevOps and application teams to embed secure SDLC practices, including code review, security testing, and secure deployment pipelines Oversee vulnerability management, including patch management processes, penetration testing, and remediation programs Define and oversee Security Operations Center (SOC) / XDR usage, log management, SIEM, threat detection, and incident handling Design and enforce data classification, data loss prevention (DLP), encryption, and key management controls Partner with business and product teams to ensure client data privacy and secure data flows, including with third-party vendors and partners Own the vendor security risk management program, including security due diligence, contract security clauses, and ongoing monitoring Evaluate and manage key security vendors Build and lead a small but high-impact security team, scaling capabilities over time Promote a security-first culture through training, awareness programs, and regular communication with staff at all levels Qualifications: Required Bachelor's degree in Computer Science, Information Security, Engineering, or related field; or equivalent experience 7+ years of progressive experience in information security, including at least 3 years in a leadership role (Head of Security, Deputy CISO, CISO, or equivalent) Hands-on experience leading SOC 1 and/or SOC 2 attestation projects at a financial institution, fintech, or SaaS provider Strong background in financial services or capital markets (broker-dealer, clearing firm, trading platform, or similar) Understanding of Information security frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001) Understanding of Regulatory landscape for U.S. financial firms (e.g., SEC, Client, possibly NYDFS 500) Experience with Identity & access management, network security, endpoint security, and cloud security (preferably AWS) Experience building and maintaining incident response, BC/DR, and vulnerability/patch management programs Strong track record of cross-functional leadership, communicating complex security and risk topics to non-technical executives and boards Preferred Experience as CISO, Deputy CISO, or security leader at a broker-dealer, clearing firm, exchange/ATS, or large fintech Professional certifications such as CISSP, CISM, CISA, CRISC, CCSP or similar Experience with AWS security services Familiarity with DevSecOps practices and secure CI/CD pipelines Experience managing data localization and cross-border data separation initiatives

Chief Information Security Officer (CISO) 📍 💰 Base Salary: Up to $325,000 + Bonus + Equity 🏢 Our Client: A Blockchain & Digital Asset Infrastructure Company About Our Client Our client is a fast-growing organization building infrastructure, software, and services that support the next generation of blockchain and digital asset ecosystems. They power secure transactions, institutional-grade solutions, and high-performance platforms used across the crypto economy. As the business scales, they are expanding their leadership team with a Chief Information Security Officer (CISO) who will own the strategic direction, operations, and continuous improvement of all information and cybersecurity initiatives. Role Overview The CISO will set the long-term vision for security across the entire organization, covering infrastructure, products, employee environments, and customer-facing systems. This leader will ensure that the company's digital asset capabilities, blockchain networks, APIs, and cloud environments meet the highest standards of protection, resilience, and regulatory readiness. This role requires an executive who can operate across technical, operational, and strategic levels-partnering with engineering, legal, compliance, product, and leadership teams. Key Responsibilities Design and drive a holistic security strategy covering infrastructure security, application security, product security, data governance, and operational risk. Safeguard digital asset environments, including wallets, key management systems, consensus mechanisms, and blockchain-based services. Build and lead an advanced threat detection, monitoring, and incident response program, ensuring rapid response and clear communication pathways. Collaborate with engineering teams to integrate secure development practices into blockchain, smart contract, and cloud-native workflows. Establish and maintain security controls, audits, and certifications, ensuring alignment with industry frameworks and regulatory expectations. Oversee vendor security, supply-chain risk management, and third-party assessments. Develop a culture of security throughout the business, including training, policy development, and ongoing risk awareness. Provide regular reports and briefings to the executive team on emerging threats, risk posture, and security roadmap progress. Experience & Qualifications 15+ years of experience in cybersecurity, with at least 5 years leading security organizations or programs at scale. Strong experience in blockchain security, digital asset custody, exchange or infrastructure security, or related crypto-native environments. Demonstrated success leading enterprise security programs that span cloud infrastructure, distributed systems, and high-availability environments. Skilled in working with frameworks such as SOC 2, ISO 27001, NIST, and global data protection standards. Expertise in cloud security (AWS, GCP, Azure), network security architecture, identity management, and DevSecOps. Comfortable operating in fast-moving, engineering-driven environments. Professional certifications (CISSP, CISM, CCISO, etc.) are a strong plus.

Hiring: Network & CPE Engineer - SASE Infrastructure Duration: 6 Months (Possible Extension) Citizenship: USC and GC only We're seeking an experienced Network & CPE Engineer skilled in SASE Infrastructure to support modernization and security transformation initiatives. This role will play a key part in designing, implementing, and optimizing secure, cloud-driven networking for a major telecom environment. Must-Have Skills Networking & SD-WAN expertise Strong background in Cloud Security and Zero Trust frameworks Hands-on SASE Platform experience (implementation, configuration, optimization) Key Responsibilities Support and enhance SASE-based network infrastructure Engineer and troubleshoot CPE and SD-WAN solutions Implement and enforce Zero Trust and cloud-security standards Collaborate with cross-functional network and security teams Contribute to ongoing network modernization initiatives 📩 Interested? Apply now or DM us to explore this opportunity! You can share profiles at ********************* OR Call us on *****************

Hi $first name$ CPS has a client in New York, NY looking for a Network Engineer. Please respond with your resume if you are interested in the opportunity. You are also welcome to pass the email along to someone you know that is looking for a new job. Assignment Information Working Job Title: Network Engineer Work location: New York, NY / Onsite Contract Duration: Contract to hire Qualifications: Necessary to perform the requirements of the position: Education - University or higher vocational degree and certification in network Engineering, Computer Science or related discipline is preferred. Experience - Minimum five (5) years of complex network platforms management and implementation, large scale networks experience is preferred. Minimum five (5) years of related project handling/coordination experience and process documentation. Operational Technology hardware and integration experience is a must. Skills - The Following Are Strongly Recommended/critical In deep knowledge of Cisco hardware, implementation, and support. CCNA as a must - CCIE prefer Platforms, Networking, and protocol (TCP/IP, Profibus, ProfiNET, ASI, CAN-Bus) Extensive understanding of a wireless connectivity and Lte environments. ITIL V4 Certified is recommended.

Elite global boutique hedge fund seeks Network Engineer to join their growing team. You will be working in a team environment and interact with traders, mid-office, data team, admin team and outside brokers. The fund is seeking a dedicated Network Engineer to maintain and support the firm's network infrastructure, ensuring optimal performance and reliability in a Windows/Linux hedge fund environment. Candidates should be attentive to detail, possess strong problem-solving skills, and be motivated to rapidly learn and collaborate within a close-knit technical team. Job Responsibilities Perform all routine network administration tasks, including managing firewall rules, switch configuration changes, periodic device patching and maintenance, and troubleshooting complex network connectivity issues Support WAN cross-connects and interconnect circuits with various counterparties like brokers, market data vendors, and cloud providers Manage and fully support the firm's network environment of Arista switches and Fortinet firewalls, spanning one main office location, two colocation datacenters, and a variety of public cloud presences. Support other miscellaneous infrastructure like Meraki Wi-Fi access points and remote access solutions Design, Implement, and optimize network and security services like Fortigate and Zscaler, in on-premises or cloud deployments Complete scheduled operational tasks and respond to alerts or issues that arise from monitoring solutions like Solarwinds and SIEM Monitor network performance and implement high availability solutions with redundancy and failover Maintain comprehensive documentation of the firm's network such as diagrams of network topologies, standard configurations for network devices, and related operating procedures Assist in any infrastructure projects or new network solution deployments as necessary Requirements 4 year university degree (focus on technology is preferred) Relevant Certification such as Network+, CCNA, Security+ or similar is a plus 3 - 5+ years of experience managing enterprise network infrastructure, ideally within the finance sector or other relevant industry Detailed knowledge of the OSI network stack, with expertise in all layers of the stack Expertise in WAN and routing topologies, datacenter switching, and traffic management strategies Experience in designing and operating secure hybrid multi-cloud systems (GCP, Azure, AWS) including cloud connectivity and Infrastructure-as-code. Knowledge of cloud networking infrastructure like DNS, VPC, Firewalls, SGs, CASB, IDP, IAM Demonstrated mastery of all core networking concepts, including switching and routing, subnetting and addressing Advanced knowledge of networking protocols like Ethernet, LACP, STP variants, 802.1q, 802.1x, VLAN and technologies like OSPF, BGP, Multicast PIM, NAT, VRRP, MLAG, QoS, VXLAN, GRE, IPSEC, DHCP, and PBR Broad understanding of enterprise technology: applications, desktops, servers, storage, and security, particularly as it pertains to network operations and connectivity Proactive with strong organizational and interpersonal communication skills