Senior Security Support Engineer

WILL WORK ONSITE 4X PER WEEK IN MIDTOWN!

About Us

Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services.  Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers.  Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job”, but rather look to develop valuable skills that ignite their passion and lead to a CAREER.  If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training and experience necessary to build a lucrative career, then welcome to THRIVE!! 

Position Overview

We are seeking a Senior Security Support Engineer focused on supporting and managing the security needs of our financial services clients. Responsibilities include ensuring tailored security solutions, overseeing customers' security platforms, and collaborating with clients to customize reports. The engineer will manage security tools such as ESET, Palo Alto Networks, Cisco Meraki, Netwrix, Mimecast, InfoSecIQ, Synack, Splunk, FortiSIEM, Sumo Logic, eSentire, SpecOps, Duo Security, Orca Security, and Zerofox. Additionally, the role involves documenting security processes, staying updated on security events and techniques, and co-managing security platforms. This position requires a proactive approach to security, strong client communication skills, and adaptability to evolving threats and technologies. 

Primary Responsibilities

• Take ownership of the security posture for a portfolio of financial services clients, ensuring the implementation and enforcement of security policies and standards 

• Spearhead the ongoing management and enhancement of our customers' security platforms to achieve optimal performance and security posture

• Expertise in managing Crowdstrike endpoint protection and malware detection

• Experience with Palo Alto Networks' firewall and security solutions

• Knowledge of Cisco Meraki for cloud-managed IT solutions

• Design, implement, and manage IAM solutions, enforcing least privilege principles and strong authentication/authorization mechanisms. Stay current on IAM best practices and emerging trends

• Deeply understand and apply AWS security best practices (IAM, Security Groups, VPCs, KMS, CloudTrail, GuardDuty, etc.) to proactively secure AWS environments and ensure compliance

• Develop and maintain security automation scripts (vulnerability scanning, log analysis, incident response) and integrate security into the SDLC using DevOps principles. Leverage scripting languages like Python or Bash

• Implement and maintain security baselines for operating systems, applications, and network devices. Regularly review and update system configurations to mitigate vulnerabilities. Conduct security audits and assessments

• Implement and manage PAM solutions to secure, control, and monitor privileged access. Enforce strong authentication and authorization for privileged users. Conduct regular audits of privileged access

• Design, implement, and manage SIEM solutions to collect, analyze, and correlate security logs. Develop and maintain log parsing rules, alerts, and dashboards. Conduct in-depth analysis of security logs to investigate incidents and identify root causes

• Familiarity with Netwrix for IT auditing and data security

• Experience with Mimecast for email security and archiving solutions

• Knowledge of InfoSecIQ for security awareness training and phishing simulation

• Familiarity with Synack for crowdsourced security testing and vulnerability assessments

• Proficiency in using Splunk, FortiSIEM, Sumo Logic, and Esentire  for data analysis and security monitoring

• Experience with SpecOps for password management and multi-factor authentication

• Proficiency in using Duo Security for multi-factor authentication

• Familiarity with Orca Security for cloud security and compliance

• Experience with Zerofox for social media and digital risk protection

• Collaborate with clients to understand their reporting needs and requirements and customize reports accordingly

• Create and maintain materials documenting security processes, procedures, and technologies, along with generating automated reports for relevant stakeholders as needed

• Stay abreast of security events and techniques to keep our clients aware of new threats and attack techniques

• Other duties as required

Qualifications

• Bachelor's degree in Information Technology or a related discipline is preferred, although an equivalent combination of education and relevant work experience will also be considered

• A minimum of 5 years' experience in the information security industry, with demonstrated leadership and technical expertise

• Extensive experience in information security, incident response, and offensive security strategies.  

• Ability to go onsite to customer’s NYC office 4 days a week

• Solid understanding of network protocols, operating systems, application layer protocols, and security best practices

• Understanding of cybersecurity threats, and experience with incident response standards and procedures

• Proficiency in managing various security tools and platforms, including ESET, Palo Alto Networks, Cisco Meraki, and others

• Experience in creating and maintaining security documentation and automated reports

• Ability to stay updated on security events and techniques to keep clients informed about new threats and attack methods

• Proficiency in SIEM and EDR technologies

• Advanced knowledge of endpoint detection and response (EDR) solution

• Ability to analyze large amounts of data from various sources to solve complex problems and make informed decisions

• Excellent written and verbal communication skills

• Ability to communicate security information to non-technical people

• Demonstrates comprehension of good security practices

• Experience supporting Microsoft/Azure security solutions (O365, 365, Sentinel). 

• Vulnerability discovery and analysis

• Knowledge of risk assessment tools, technologies, and methods