Network Security Engineer
3 years ago

Job Requirement:

The Guardian Cybersecurity Engineering Team builds and owns a broad variety of cutting-edge security controls and technologies that generally fall within the domains of Network, Endpoint and Data Security and are deployed within Private and Public Cloud environments. The Team is also responsible for the operational efficiency and resiliency of these controls and technologies and designs corresponding operational processes to be performed by its partner, the Cyber Defense Center Operations Team.

The Team assesses and prioritizes the modern cyber-attack vectors and partners with other Guardian cybersecurity and infrastructure teams to engineer effective cybersecurity protective controls, ensure efficient and non-disrupting operations of the controls, and build new and enhance existing Cyber Defense Center Monitoring and Response Use Cases with a goal to provide the Organization with the maximum level of protection and create robust countermeasures to prevent future cybersecurity incidents.

Team members aid in investigations of suspicious activity on the infrastructure, troubleshoot application performance issues, and train and mentor the members of the Cyber Defense Services Team to ensure efficient 24x7 production support for the owned technology. The Team also builds automation workflows, following DevOps methodology, for proactive remediation of service deficiencies and enables self-service capabilities for the owned technology, to be consumed by the internal customers.

Reporting to the Head of Cybersecurity Engineering Services, the position will be responsible for the continuous improvement of resiliency and efficiency and broadening the capabilities of the Network Security controls that protect the network, the network edge, and the related endpoint components of Guardian's infrastructure. The individual will be challenged by working across a heterogeneous technology stack, delivering on key projects and responding to escalated operational issues.

You are

A self-starter who is fueled by collaboration, able to transform conceptual thinking into executable insights, and who thrives in partnering across the company with security, network, compute and storage engineering and operations teams and providing outstanding service to our internal business and technology customers.

You have

  • Intellectual curiosity and proven record of spotting anomalies and identifying creative solutions to resolve deficiencies and optimize performance

  • Strong analytical skills, particularly in assessing the risk and impact of sub-optimal control implementations and creativity in addressing and mitigating new threat and attack vectors

  • 4+ years of experience with and a solid knowledge of:

    • Network and perimeter security technology, including next-generation firewalls, intrusion prevention systems, proxies, web application firewalls, site-to-site and remote access VPN, network DLP, and data encryption in transit

    • Network micro-segmentation approaches to Public and Private Cloud environments

    • Remote administration of servers and user computers

    • Working with security subsystems of one or more of the following operating systems: Microsoft Windows, macOS and Linux

    • TCP/IP protocol stack, including routing, network address translation, TCP/UDP connectivity, application-level protocols (HTTP, SMTP, DNS, etc.), and a proven track record of troubleshooting and resolving network connectivity and performance issues

  • Understanding of enterprise endpoint (host-based) security controls

  • Understanding of various authentication methods, based on Microsoft Active Directory

  • Proven ability to understand, interpret, and correlate the data produced by various event log sources -- network security devices, operating systems, web servers, Public Cloud IaaS, endpoint security controls, etc.

  • Working knowledge of using an enterprise-grade SIEM to visualize event data

  • Working knowledge of at least one modern scripting language (Python, Perl, PowerShell, etc.)

  • Familiarity with ITIL; experience with incident, problem, change, and risk management

  • Strong communication and documentation skills, with ability to develop and deliver standard operating procedures, workflow and decision tree diagrams, and training materials to internal customers

  • Excellent organizational skills, detail-oriented, strong on workflow process; ability to manage and follow up on multiple competing priorities effectively; familiarity with Agile work planning methodology

  • Customer-focused demeanor; excellent interpersonal skills and a sense of humor

  • Desire, curiosity, and passion to learn and grow in the field of Cybersecurity

  • Bachelor's degree in Information Technology or any STEM discipline; Master's degree is beneficial

Nice to have

  • Working knowledge of deploying and administering Cisco network security technology stack

  • Recognized Security Industry and Public Cloud IaaS certifications (AWS, Azure, GCP)

  • Ability to develop DevOps & DevSecOps skillsets to implement network security controls, define infrastructure as code, deploy cloud-based security services

  • Understanding of CI/CD pipeline and the integrations with security controls

  • Developer-level knowledge of some of the following technologies: Terraform, Jenkins, Puppet, Ansible, Splunk Phantom, Active Directory Group Policy; experience using vendor APIs from your own code

  • Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.)

You will

  • Design, implement and operationalize cutting-edge network security technologies on-premises and in the Cloud, while integrating them with technologies in the domains of Endpoint and Data security

  • Monitor network security controls for proper operation; plan and execute necessary technology maintenance; support Operations Team on remediations for identified deficiencies

  • Resolve escalated service issues and coach other engineers on troubleshooting efforts; partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards

  • Provide advisory consulting services on the topics of network security to leadership, partner teams, and internal customers

  • Develop processes to validate and attest proper operation of network security controls, dashboards, alerts, and reports

  • Partner with Cyber Defense Center on improving existing and building new Monitoring and Response Use Cases to reliably identify and remediate anomalous activity on the network

  • Enhance existing and develop new processes, procedures, and baselines with respect to cybersecurity and the use and operation of information systems

  • Design and operationalize, through code development, the use of automated workflows to respond to operational issues and to implement changes for network security controls

  • Partner with other technology teams to enhance Guardian CI/CD pipeline with additional security controls and to broaden self-service offerings of the Cloud for internal customers and the Team

  • Perform risk and compliance self-assessments; identify, document, and plan for remediation of risks and other deficiencies in network security controls

  • Support internal and external audit and compliance reviews, gather requirements and evidence, and provide timely responses

  • Develop and administer training sessions on the topics of network security and provide coaching and mentoring to peers, junior team members, and the members of Cyber Defense Services Team for network security controls

  • Drive initiatives to grow the cybersecurity mindset and best practices across the Company, with an emphasis on gaining measurable results

  • Administer authentication and access controls, including provisioning, changing, and deprovisioning of user and system accounts, roles, and access permissions to network security assets.


  • This is a hybrid role based in either New York NY, Holmdel NJ, Bethlehem PA or Stamford CT with work from home flexibility.

  • Up to 10% travel within the US.




Our Promise:


At Guardian, you'll have the support and flexibility to achieve your professional and personal goals. Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.


We Offer:

  • Meaningful and challenging work opportunities to accelerate technology and innovation in a secure and compliant way.

  • Competitive compensation

  • Excellent medical, dental, supplemental health, life and vision coverage for you and your dependents with no wait period

  • Life and disability insurance

  • A great 401(k) with match

  • Tuition assistance, paid parental leave and backup family care.

  • Dynamic, modern work environments that promote collaboration and creativity.

  • Flexible time off, dress code, and work location policies to balance your work and life in the ways that suit you best.

  • Social responsibility in all aspects of our work. We volunteer within our local communities, create educational alliances with colleges, drive a variety of initiatives in sustainability, and advocate for diversity & inclusion in all that we do.



Primary Location:

New York

Other Locations:

Bethlehem, Holmdel, Stamford

Job:

IT


Schedule:

Full time

Equal Employment Opportunity:

Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.







