Senior Systems Security Engineer
|Reference # :||17-05352||Title :||Senior Systems Security Engineer|
|Location :||Sleepy Hollow, NY|
|Position Type :||Contract|
|Experience Level :||Start Date :||06/06/2017|
Client is seeking an experienced and reliable Senior Systems Security Engineer to conduct security risk / technical assessments, reviews and/or audits of the client's third party vendors and partners. The individual will work as a member of the Systems Unit Security team and will be responsible for assessing the security posture of vendors and partners by conducting onsite Security based Quality (or Due Diligence) Reviews, Technical Assessments and/or Audits. Additional duties include reporting on assessment outcomes and prescribing associated recommendations to internal management as well as external entities for obtaining compliance to contractual requirements, corporate policy and/or state/federal regulations.
The Senior Systems Security Engineer will work with key stakeholders to develop a risk profile for third party entities, produce formal reports of findings as well as document status of open issues / audit items. Additionally, the individual will work with key stakeholders across multiple internal and external business units (Sales, Client/Account Services, Information Security, Enterprise Technology, Compliance, Claims, Underwriting, Management) to coordinate, perform and/or participate in security reviews of external entities and to track issues / action items to closure.
Secondary responsibilities include serving as a backup Security Liaison for the department. This secondary function requires the individual to act in a backup / support capacity to the Unit's Security Analyst in processing User Access Requests or conducting Departmental or Corporate based System Recertifications.
Since the individual will be conducting technical security assessments / reviews and / or audits, it is necessary that the candidate have an expert understanding of network layer protocols & industry best practices. Ideally, the candidate will have experience with routers and other network devices, firewalls, proxies, operating systems (Windows/Linux), databases (SQL Server/Oracle), and Email/FTP/Web/Database/DNS Servers. Additionally, the candidate should have an excellent understanding of Security Principles and Techniques (encryption, authentication, DLP, etc), Network / Infrastructure Architecture and IT Security standards and best practices.
Furthermore, the ideal candidate should have the following:
Job Status: Contract/Temporary