Lead Information Security Engineer - Web-based Applications Security

In this role, you will:

• Lead computer security incident response activities for highly complex events
• Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
• Provide security consulting on large projects for internal clients to ensure conformity with corporate information, security policy, and standards
• Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
• Review and correlate security logs
• Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
• Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
• Collaborate and influence all levels of professionals including managers
• Lead a team to achieve objectives

Required Qualifications:

• 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 5+ years of hands-on experience with Web Application Firewall technologies
• 4+ years of Intermediate to Advanced level experience with scripting/automation using tools such as: Bash, Ansible, Playbook/Role Development, PowerShell, Python, etc
• 3+ years of in-depth knowledge and troubleshooting of HTTP based Web Applications 
• 3+ years Knowledge and understanding of implementing WAF signatures or virtual patches
• 2+ years advanced understanding of Network concepts like DNS, Firewall and Load Balancing
• Proven experience with change and incident management practices in medium to large enterprise environments
• Experience with Agile Scrum or Kanban methodologies
• Basic understanding of TLS, Certificates, and MTLS

Desired Qualifications:

• Advanced Information Security technical skills and solid knowledge and understanding of information security practices and policies
• Automation experience
• ServiceNow experience
• Technical documentation experience
• Jira and Confluence experience
• Strategic planning experience in translating leadership vision into executable strategies and initiatives
• Technology experience in the Financial Services sector
• Ability to coordinate completion of multiple tasks and meet aggressive time frames
• Advanced critical thinking, problem solving and technical troubleshooting abilities
• Strong analytical skills with high attention to detail and accuracy
• Experience with and the ability to thrive in a complex and fast-paced technology and/or information security organization, within a large enterprise environment