VG
Senior Consultant focused on ISMS, BCM, and cybersecurity compliance at VICCON GmbH. Leading projects and collaborating with clients to enhance their information security and resilience.
About the role
- Information Security Senior Associate managing HSAM's cybersecurity toolset and vulnerability remediation. Collaborating on security policies, incident response, and program development in a regulated environment.
Responsibilities
- Configure, tune, and manage HSAM’s cybersecurity toolset, including but not limited to endpoint detection and response (EDR), SIEM, vulnerability management, and data loss prevention (DLP) tools.
- Maintain and apply security policies and rules within cybersecurity platforms in alignment with HSAM standards and regulatory requirements.
- Conduct periodic security configuration reviews of technology systems and platforms against internal policies, industry best practices, and vendor hardening guidelines.
- Identify configuration gaps across technology systems, document findings, and coordinate with platform owners to remediate.
- Support a criticality-based review cadence for technology platform security configurations.
- Work cross-functionally to support security configuration needs and related enhancements.
- Support identity and access management (IAM) operations, including user access reviews, conditional access policy maintenance, and identity governance.
- Assist with the improvement of HSAM’s existing cybersecurity toolset and execute toolset enhancements, as appropriate.
- Support vulnerability scanning operations, including scan execution, result triage, and remediation tracking.
- Assist with the management of patching cadence and remediation timelines, ensuring open findings are tracked to closure.
- Monitor SOC alerting and assist with tuning detection rules to reduce noise and improve signal quality.
- Assist with incident triage, investigation, and documentation under direction of the CISO.
- Help maintain and update incident response runbooks and playbooks.
- Assist with monitoring threats and taking preventative measures to protect HSAM’s environment.
- Assist in maintaining a program aligned to applicable security standards, regulations, and industry best practices.
- Support the mitigation of information security risks within HSAM in a manner that meets compliance and regulatory requirements.
- Provide input to and assist with updates of policies, procedures, and other program-related documentation.
- Provide technical input into firmwide risk meetings and participate in security strategy meetings, as appropriate.
- Generate technical evidence and artifacts to support compliance audits and third-party assessments.
- Assist with technical writing, internal communications, and documentation related to security controls and configurations.
- Provide technical support for third-party assessments as needed.
- Attend meetings and serve on committees, as requested.
- Maintain and increase knowledge and skills through attendance at meetings, conferences, training seminars, and in-service training sessions.
Requirements
- 3-5 years of experience in information security with hands-on experience administering security tools and infrastructure in a regulated environment.
- Bachelor’s Degree in a technical discipline such as Information Security, Computer Science, Information Systems, or related field.
- Experience administering and troubleshooting enterprise security platforms (e.g., EDR, SIEM, vulnerability management, DLP tools).
- Working knowledge of cloud and SaaS security administration (e.g., Microsoft 365, Azure, GCP, AWS).
- Knowledge of data communications, network security fundamentals, and identity and access management concepts.
- Security certifications such as CompTIA Security+, GIAC certifications (GSEC, GCIH), or equivalent preferred.
- Knowledge of security frameworks, standards, and industry best practices preferred.
- Familiarity with scripting languages (e.g., PowerShell, Python) for automation and reporting preferred.
- Experience working in financial services, asset management, or other regulated industries preferred.
- Must be able to evaluate technical problems and determine solutions.
- Must have strong written and verbal communication skills.
- Must be able to follow and apply established security policies, procedures, and standards.
- Must be able to read and understand technical manuals and vendor documentation.
- Must be able to manage multiple technical workstreams independently.
- Must be able to maintain professional and effective working relations with supervisors and co-workers.
- Must be able to work flexible hours, including weekends and evenings.
- Must be able to learn new skills and technologies.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
GSS Officer at Itad supporting safety, security, and travel policies. Overseeing risk management and collaborating with project teams for operational support.
Install and manage fall protection systems at height, ensuring compliance with safety standards. Leadership required in overseeing teams and project delivery at construction sites.
Security Design Lead in Rabobank's cybersecurity team, designing secure technology solutions for food & agribusiness banking. Collaborating across teams to ensure robust security implementations.
Identity Security Posture Management Specialist enhancing identity security posture at Kemper Insurance. Collaborates across teams to tackle identity risks and compliance challenges in a high - performing culture.
Principal Architect developing cybersecurity strategy for Ensemble's technology - enabled revenue cycle management solutions. Focus on securing cloud architectures and ensuring information assurance in healthcare.
Zscaler Engineer responsible for maintaining cybersecurity tools and developing integrations at HP. Collaborating across teams to enhance data loss prevention strategies and monitor industry threats.
Senior Manager overseeing Security Risk Management at First American. Leading enterprise policies, third - party vendor security, and security strategy execution.
Designer developing comprehensive application solutions for security systems at Johnson Controls. Collaborating on technical sales support and large - scale integrated electronic security systems.
Analyst role supporting Epic Security & Configuration at Acrisure, ensuring application functionality and troubleshooting issues. Collaborating with teams for configuration and security in Applied Epic systems.