Senior Engineer - Network Security

​

Who Are We

Fulcrum Digital is an agile and next-generation digital accelerating company providing digital transformation and technology services right from ideation to implementation. These services have applicability across a variety of industries, including banking & financial services, insurance, retail, higher education, food, healthcare, and manufacturing.

The Cyber & Information Senior Engineer will report directly to the Director of Cyber & Information Security.  In this position you will have the opportunity to contribute to and lead initiatives related to Network security, system security architecture and engineering, and security automation. The Sr. Engineer will partner with business units as a subject matter expert to help identify and mitigate cyber risks and threats through adoption of relevant baselines and frameworks.  This individual should be a self-starter with a passion for learning and problem solving.

Responsibilities:

The Cyber & Information Sr. Engineer will be responsible for daily operations within the security group, as well as:

• Assisting in the planning and development of an effective Cyber and Information Security Program that support organizational security policies, strategic corporate business objectives, and government regulatory requirements.
• Manage the development and implementation of Information Security policies, standards, guidelines, and procedures to maintain the security of Enterprise Networks and Systems.
• Ensure secure networking practices are implemented and followed.
• Develop and implement Network Access Control Policies.
• Develop and maintain Data Loss Prevention controls.
• Manage and maintain enterprise secure web gateway to facilitate secure remote access to cloud and on-premise systems.
• Manage and tune Firewall Intrusion Detection and Intrusion Prevention Systems.
• Monitor and tune Network Detection and Response (NDR) platforms.
• Coordinate, lead, and track Firewall Rule Reviews.
• Perform Threat Analysis to identify potential risks impacting IT and business operations.
• Demonstrate hands-on experience architecting networks and supporting application infrastructure.
• Report risks to management and support remediation efforts.
• Document Policy, Programs, and Procedures.
• Coordinate implementations with various stakeholders.
• Adhere to all C&F policies, procedures, and standards, within budgetary specifications, including time management, supply management, productivity, and accuracy of practice.
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• 3-5 years of hands-on Information Security experience.
• Bachelor’s degree in a technical discipline or equivalent experience.
• Knowledge of Risk Management Frameworks and Security Best Practices such as NIST and MITRE ATT&CK.
• Strong understanding of network security concepts.
• Experience administering cloud-based network control tools.
• Experience with corporate compliance, reporting and metric collection.
• Knowledge of Security industry best practices.
• Knowledge of security architecture concepts and frameworks.
• Knowledge of scripting in Python, BASH, PowerShell or other languages.
• Knowledge of and experience with Data Loss Prevention, such as writing DLP policies, DLP exception management and DLP testing.
• Any Information Security certification is a plus.
• Requires good interpersonal skills, ability to function in a fast paced, short-deadline environment, and the ability to come up with innovative cost-effective solutions.
• Written and verbal English communication skills.
• Experience with internetwork, LAN, and WAN technologies.
• Demonstratable problem solving skills
• Will abide by departmental policies and procedures, including authority levels, to comply with C&F’s risk management controls.
• Background in Network security and Firewall Management.
• Experience with IDS/IPS systems.
• Experience implementing and tuning a cloud hosted Secure Web Gateway.
• Experience implementing security controls for on premise and Cloud workloads.
• Experience with packet trace and analysis tools such as WireShark and TCPDUMP.
• Experience implementing policies based on NYDFS, SOX, PCI or other governmental and industry compliance standards.
• Cloud networking experience a plus.
• Penetration Testing experience a plus.
• Experience in scripting or programming, including Perl, C, C++, C# And/Or Java.
• Policy, process and procedure documentation experience.
• Will abide by departmental policies and procedures, including authority levels, to comply with C&F’s risk management controls.
• Strong Team Player with ability to take charge.

Requirements

Requirements:

Additional Knowledge And Skills: