JPC Partners is looking for a Senior Security Engineer that will work in conjunction with a team of IT operations professionals to ensure the company’s data, computer systems, and infrastructure are secure through analysis, testing, and investigation. The Security Engineer will take a lead role in performing necessary installations, upgrades, and improvements for the company’s current cybersecurity infrastructure. Primary Responsibilities:
Collaborate with Information Technology leadership to develop and update strategy to support the Firm’s security architecture
Partners with various business groups to ensure security best practices are followed in the design and implementation of new projects
Administers vulnerability management platform, including configurations, vulnerability scanning, reporting, and endpoint agent updates
Administers EDR platform, including event investigations, alert and report design, policy configurations, and endpoint agent updates
Works with Cloud Engineer and Operations staff to ensure Microsoft cloud design and implementation follow security best-practices
Conducts regular audits to ensure EDR and vulnerability scanning applications are installed and functioning as expected
Monitors SIEM and Microsoft Azure environment for evidence of current or previous security events, as well as performs improvements to Splunk alerts, reports, and dashboards
Leads incident response in cases of confirmed security incidents, including minimization of business impact, communication of findings and mitigation, forensics collection, and hardening recommendations
Monitors outside threat intelligence sources for both general industry and the legal industry and makes recommendations to ensure the company is well positioned against future threats
Works with technical operations teams to ensure security controls such as firewalls, MFA, and NAC functioning as expected
Prepares reports of security performance metrics, events, incident findings, and other security related outputs
Works with Risk and Audit teams to ensure all relevant certification tasks and client inquiries are addressed in a timely manner
Qualifications:
3+ years of work experience as a security analyst or information security engineer
Current security certifications strongly preferred or willingness to obtain within 1 year
Hands on experience in security software and systems including firewalls, intrusion detection systems, anti-virus/EDR software, identity monitoring solutions, authentication platforms, log management , web-content filtering platforms, and vulnerability management systems
Splunk, CrowdStrike, and Qualys software experience preferred
Azure cloud security experience is a plus
Ability to work in complex IT environments with minimal supervision and collaborate effectively with multiple teams in a dynamic environment
Experience in project task planning, implementation, and documentation