Location: Jersey City,NJ, USA
Position: Enterprise Security Admin L3
Location: Jersey City NJ, Onsite
Primary Responsibilities:
Provide administration and operational support for endpoint security technologies
Document all product related details in runbooks, design, and/or configuration documents
Carry out regression testing and analysis with any endpoint security technologies
Follow release management processes and best practices for deployment, enhancements, and upgrades.
Work closely with Security operations center and other security groups during investigations.
Demonstrate mastery in log file analysis, fault isolation and diagnostic/assessment actions including root cause analysis, followed by the determination and self-directed execution of corrective actions.
Drive automation efforts to continuously monitor and maintain security posture of operating systems.
Maintain metrics and supporting analytics on System and endpoint Security.
Provide secondary assistance and operational support with EDR (Endpoint Detection and Response), Anti-virus solutions
Stay current on endpoint security best practices, active threats and mitigation strategies.
Draft & execute the strategy to enhance the investments in current technologies and drive continuous innovation with new ideas to improve and mature endpoint security posture.
Aggregate data across disparate platforms to design and develop alerting.
Manage a portfolio of application-related projects and directly manage select projects within that portfolio.
Qualifications:
Demonstrable and hands experience with endpoint security technologies
Hands on experience with DLP technologies is a MUST for this position
Demonstrated in-depth understanding of operating system (OS) internals, the mechanics of OS exploits with preventive and detective controls
Demonstrated experience in investigating security incidents with ability to analyze logs to uncover details of the compromise, systems involved, threat techniques etc.
Experience with scripting like Python, PowerShell etc., is highly preferred
Knowledge of Splunk search language is preferred.
Experience in creating trending, metrics, and management reports
Strong interpersonal & communication skills working with remote peers over IM, phone & video.
Experience working within the Financial Services Industry preferred
Demonstrated ability to provide technical direction to other peer staff members, and to train new junior staff members on the security team
Ability to elicit confidence and build rapport across multiple disciplines.
Self-motivated; able to learn on own initiative
Strong skills in organizing workflow, ideas & materials
Excellent documentation skills
Security certifications like Ethical Hacking or other specialized endpoint security certifications are preferred
B.S in Technology or Related area (proven experience can be used as a substitute).