Job Information
UNIVERSAL Technologies, LLC CISSP Certified Cyber Security Engineer in Brooklyn, New York
UNIVERSAL Technologies is seeking a CISSP Certified Cyber Security Engineer for an onsite position in Brooklyn, NY. Applicants should be prepared for 100% onsite work in Brooklyn, NY from day one. Position: The selected candidate will play a key role in ensuring Cyber Security for the City of New York’s initiative to implement new technologies for the emergency 9-1-1 call answering system. Qualified candidate will have experience developing and implementing cybersecurity policies, documenting, and assessing NIST framework and CJIS controls with hands on Cyber Security Firewall engineering experience. WHO WE ARE: UNIVERSAL Technologies, LLC is a Women-Owned (M/WBE) IT solutions and consulting company focused at delivering enterprise systems that significantly improve our clients IT performance. We work across the IT spectrum including Development, Business/Systems/Data Analysis, Project Management, Cyber Security, Network Engineering, and High-Level System Architecture. The pride in the services we provide and the accessibility and flexibility we provide to employees are what make Universal Technologies stand out from the rest! We hope to propel your IT career to the next level and excite our employees with new and challenging projects. WHAT WE OFFER: Our W2 employees can expect the following benefits:
Competitive pay
Health/Dental Insurance
Group Life Insurance
401K
HSA/FSA
Pre-Tax Transportation Program
Generous Paid Time Off/Holiday Policy
MANDATORY SKILLS/EXPERIENCE:
At least 5 to 8+ years’ experience in cybersecurity architecture, including compliance and risk management with a background in system and network security engineering.
BS/BA undergraduate degree.
Experience determining and implementing cybersecurity and privacy principles to organizational requirements.
Experience developing incident response process and procedures with internal and external stakeholders.
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Knowledge of processes for seizing and preserving digital evidence.
Knowledge of system and application security threats and vulnerabilities.
Strong background in documenting and assessing NIST 800-53 and CJIS controls.
Assessing and providing strategic direction for resolution of mission-critical problems, policies, and procedures.
Experience building defensible security architectures for operational technology with a focus on cloud security best practices.
Experience developing disaster recovery and continuity of operations policies, plans, and procedures.
Experience with defining, establishing, and directing techniques for detecting host and network-based intrusions using intrusion detection technologies.
Knowledge of anti-forensics tactics, techniques, and procedures.
Knowledge of applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code)
Knowledge of DDoS appliances such as NetScout Arbor, Fortinet FortiGate.
Knowledge of Insider Threat investigations, reporting, investigative tools, and laws/regulations.
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of legal governance related to admissibility (e.g. Rules of Evidence).
Knowledge of malware analysis tools (e.g., Oily Debug, Ida Pro).
Knowledge of malware with virtual machine detection.
Knowledge of NIST’s Cybersecurity Framework (CSF) with a focus on response and recover control families.
Knowledge of types of digital forensics data and how to recognize them.
Overseeing and interfacing directly with agency and interagency leaders during cyber incidents.
Strong understanding of vulnerability scanning solutions, and the ability to clearly document the associated risks and remediation timelines.
Valid CISSP Certification.
Writing business/process documentation, developing models and graphics, and making oral presentations to senior officials.
SCOPE OF SERVICES:
Research, validate and deploy solutions meeting security and NYC needs.
Possess a DevOps focus across technology and security architecture, automation, integration, and distribution.
Develop security team standards, policies, procedures, and processes.
Evaluate performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.
Ensure security policies such as CJIS are in compliance throughout the design and build phase.
Engage in working sessions with the ESINET, GIS and L&R vendors on detailed designs and provide input to their proposed solutions.
Provide Next Gen firewall architecture designs and configurations.
Provide expert Information Security firewall architecture vision, leadership, analytical guidance/process, and security controls.
Implement cutting edge enterprise security solutions such as NGFW infrastructure; DNS/DNSSEC; enterprise MFA and NGFW infrastructure; and Data Loss Prevention (DLP) technology.
Manage the internal Security Solutioning and BOM process from Intake to implementation.
Evaluate the overall solution to ensure it is CJIS compliance.
Research, evaluate, test, recommend the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment.
Provide technical and expertise guidance for the deployment of security tools.
UNIVERSAL Technologies is an Equal Opportunity Employer.