My Shortlist

Your shortlisted jobs will appear here. To view your shortlist, please login or register

More Jobs Like This
DATE ADDED: Mon 20/01/2020

Security Engineer

Pittsburgh, PA, US


JOB TYPE: Permanent, FullTime

We are currently searching for a Security Engineer for our Pittsburgh office. Essential Duties and Responsibilities: Assist in evaluating, planning, configuration and implementation of new/existing security applications/tools. Configure, implement, monitor and support security software/systems that will help ensure compliance with Firm policies and procedures. This includes, but is not limited to, Anti0Malware/Anti-Virus, Phishing and SPAM controls, Vulnerability Management, Configuration Management, Vendor Remote Access, MFA/SSO, etc. Responsible for development, execution and/or coordination of IT policies and procedures, compliance reviews, social engineering and phishing campaigns, end user awareness training, client audit responses, and third party risk assessments, etc. Ensure security best practices are identified and integrated into all facets of the project including network, system designs/configuration, and implementation. Identify and recommend potential areas where existing data security policies and procedures require change, or where a control is required to mitigate security risks while working with various teams to enhance security policies and procedures. Assist in the identification, response, investigation, and remediation of potential breaches of and issues surrounding data security. Manage relationships with third party providers of security monitoring and tools to ensure assets are being protected. Proactively identify security problems, monitor performance trends, perform upgrades, and make recommendations to security hardware and software as required. Perform periodic information risk assessments, conducts compliance monitoring activities, and initiate reoccurring penetration testing. Responsible for providing support during off hours for security. Track data security issues to closure in a timely manner by partnering with business units, communication solutions, and verifying remediation. Perform other duties to support the security program as assigned. Required Education/Experience: Bachelor's degree in an Information Security, Computer Science, Business or Engineering related program; Advanced degree preferred. Minimum of five (5) years of information or network security-related experience. One or more of the following certifications CISSP, CISA, GIAC is desired; matriculating candidates considered. Working knowledge of some or all of the following: Anti-Malware, secure email gateway management, web proxy management, vulnerability management, risk assessment, vendor remote access management, MFA/SSO/SAML management. Excellent listening skills and written and oral communication skills, including effective presentation skills. Ability to understand technical implications of security threats. Must have experience with information technology and information security policy and procedure development. Must have experience developing and administering phishing and social engineering awareness campaigns as well as end user awareness training. Skill in with performing internal auditing, responding to third party vendor security assessments is preferred. Skill in collecting and analyzing complex data, evaluating information and systems, and drawing logical conclusions. Skill in information security audit planning and project management, and in maintaining composure under pressure while meeting multiple deadlines. Ability to relate to non-technical users and identify learning opportunities. Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment Ability to work independently under general supervision with considerable latitude for initiative and independent judgment. Strong interpersonal, communication, organization, creative, and leadership skills with the ability to exhibit sound judgment and express verbal and written information effectively. Experience working in a law firm or professional services firm environment preferred. Understanding of ISO27001/NIST principles preferred. Arifa Gulzar | Technical Recruiter Phone: (412) 212-1213 - provided by Dice