Senior Lead Engineer - Network Security

Job Description:

• Provide tier two operational support, leading team efforts in resolution of incidents and outages for information security technology and its dependencies on Public and Private Cloud computing environments, shared platforms, and operating systems for more than three of the following technologies:
• Ensuring team's adherence to SOPs, training and performance monitoring for team members, and continuous process improvement for efficiency, including automation, wherever applicable and conduct recurring assessments of all the key SOC workflows to highlight process deficiencies as well as improvement opportunities for staff. 

o Web Application Firewall

o Firewall Appliance

o Software-defined (Cloud) Network Security

o Web Proxy

o Endpoint Security Protection

o Data Loss Prevention

• Partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis and providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards
• Execute daily security technology administration functions
• Perform Root Cause Analysis (RCA) on applicable technology
• Validate quality of dashboards and alerts and suggest updates to reflect new threats and changes in the monitored environment
• Support the Security Operations team in its efforts on various technology projects and operational initiatives
• Work as a part of a team to ensure that Guardian customers' data, technology platforms, and infrastructure are available and safeguarded from cyber threats
• Follow ITIL practices regarding incident, problem, and change management
• Stay up to date with emerging cyber threats, industry best practices, and applicable regulatory requirements

Required Qualifications

• Being curious and desire to analyze anomalies
• Desire and passion to learn and grow in Cybersecurity
• Customer-focused demeanor
• Minimum 8+ years of proven experience in building and operating security controls in at least two of the following domains:

o Network/Perimeter Security, including Next-Gen firewalls, intrusion prevention systems, proxies, and Web Application firewalls (WAFs)

o Enterprise Endpoint (host-based) Security

o DLP and Secure Data Transmission, Storage, and Access

o Identity and Access Management / User Behavior Analytics

• Understanding of security architecture, operating and troubleshooting principles of Microsoft Windows and Linux operating systems
• Knowledge of TCP/IP protocol stack, including routing, network address translation, TCP/UDP connectivity, and application-level protocols: HTTP, SMTP, DNS, etc.
• Ability to understand and interpret the data produced by event log sources -- network security devices, operating systems, web servers, SaaS vendors, Public Cloud IaaS, etc. -- and correlate and filter the data to highlight interesting/anomalous activity
• Knowledge of Public (AWS preferred) and Private Cloud Infrastructure, virtualization, containerization, as well as Datacenter and Mainframe concepts
• Ability to quickly learn and develop new skills to support and coach junior staff on operational requirements
• Excellent organizational skills, highly detail-oriented, strong on workflow process; ability to manage and follow up on multiple competing priorities effectively; familiarity with Agile work planning methodology
• Excellent written and verbal communication and interpersonal skills and a sense of humor
• Ability to effectively work in a team, as well as to be an independent contributor on select projects
• Bachelor's degree in Information Technology or B.E; Master's degree is a plus

Preferred Qualifications

• Recognized Security Industry and Public Cloud IaaS certifications
• Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.)
• Familiarity with ITIL; experience with incident, problem, change, and risk management

Location:

This position can be based in any of the following locations:

Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday