Location: New York,NY, USA
Join the Mizuho team as a Senior Security Engineer! This role will be focused on and around the regular administration/maintenance of security tools including performing upgrades/troubleshooting and maintaining system documentation. They may be required to help write or shape policies/procedures/run books/processes, etc. They will be expected to maintain vendor relationships, keep up to date on new product features, improve our overall security posture, and prepare data/reports for management. They will be expected to participate in our incident response process serving as an SME/escalation point. Additional miscellaneous work may also be required as it comes up to help the team achieve the overall goals for the organization. The remaining responsibilities of the engineer focus on a variety of functions within project implementation including business analyst, project management, and technical resource/implementer. The projects will tend to focus on and around the organization improving our security posture, as well as compliance posture as we operate in a highly regulated industry. The expectation is to understand the needs and requirements of stake holders and/or regulations, and translate the requirements into actionable tasks, drive project team members to complete their tasks, and perform their own implementation tasks to complete the objective. They will also be responsible for evaluating different products and aiding in the selection of tools for implementation. The projects will likely focus on or around concepts and tools related to EDR, Vulnerability Management, IPS, SIEM/SOAR, Network Monitoring Tools, CASB/SASE, and others. Knowledge of the above items, as well as being comfortable working with VMware, Firewall Policies, Cloud and understanding of DNS is required. Familiarity with DevSecOps, while not a day-to-day task, will be required as well. Major Responsibilities: The engineer is responsible for providing additional oversight of the security engineering function in a non-supervisory manner. They are expected to call out and highlight gaps/deficiencies and identify compensating controls that can be put in place by the broader team. They will be responsible for reporting on projects and BAU items to the Director of Security and may serve as a backup as necessary. Required Qualifications: Knowledge of the tools/concepts mentioned above. Understanding of the SDLC and project management concepts Understanding of the Incident Response life cycle is required as engineering may serve as an escalation point for Security Operations. Working knowledge of Linux and Windows OSes required. Ability to script/code to aid automation required - preferably Python, PowerShell, or Bash. Candidate must have high attention to detail and operate independently. Ability to troubleshoot and identify root cause analysis is a must have skill. Additional Qualifications: Experience with any of the following tools will help the candidate stand out: