Cyber Security Specialist

This is a technical position where this person will manage, provide technical support, implement, maintain and troubleshoot all security products used by the Firm. They must have significant hands-on experience with security technologies and solutions. They will also perform daily investigation of security incidents, security assessments and audits. Candidates with work experience in financial institutions, government or highly regulated industries are preferred.

Please note this is a remote position. The working hours are: 6am - 1pm Eastern Time, Monday - Friday, and will be part of an on-call rotation schedule. This position will also require the following:

The ability to travel when necessary.
• Ability to report for work on regularly scheduled days and off hours when required.
• Available to take emergency off hour calls during security incidents.

• Manage firewalls, Anti-Virus, Web Filtering Solutions, DLP, IPS/IDS, NAC, DDOS protection, third-party remote access, application whitelisting solutions, endpoint detection and response solutions.
• Manage Security Incident and Event Management systems (SIEM).
• Manager and investigate all security events until resolution.
• Manage privilege account management systems.
• Conduct technical security audits and perform risk assessments.
• Conduct firewall, network and systems configuration change and audits.
• Perform vulnerability scans on networks, servers, systems and applications.
• Create weekly security reports including keeping track of information security metrics.
• Work with consultants and third-party vendors as it relates to security services they provide.
• Participate in project reviews of information security architectures associated with each initiative.
• Conduct malware analysis and research for new exploit techniques used by cyber criminals.
• Conduct proactive threat hunting.
• Research and test new security technologies.
• Manage and maintain a good relationship with third party security vendors that support Milbank (MSSP, SOC and others).
• Maintain and create new process to ensure the Firm's security posture meets clients' security requirements.
• Participate as part of member of Cyber Incident Response team.

Knowledge, Skills, Abilities

• 5-7+ years' experience in IT Security.
• Prior experience with actual incident response, investigations and forensics analysis.
• Extensive knowledge of security best practices in regard to computer systems, networks, telecommunication and all associated hardware.
• Strong, analytical approach to problem solving and solution development - able to think outside of the box and go beyond traditional security.
• Able to manage multiple projects and support functions in a fast-paced, dynamic environment.
• A professional with a customer satisfaction-oriented mindset, creative, and able to balance security with business objectives.
• Strong analytical, communication and interpersonal skills.
• Excellent documentation skills and capable of creating comprehensive security documents such as standard operating procedures, guidelines and architecture diagrams.
• Able to fully perform the job function with minimum supervision.
• Passionate about security and strive to ensure the Firm is protected against evolving cyber threats.

Must have hands on experience with following technologies:

• Cisco network devices
• In depth experience with Palo Alto firewalls with all the features available in the product
• Experience with password safes (CyberArk or Beyond Trust)
• Micro segmentation technology - Illumio or others
• SIEM products such as Microsoft Sentinel or others
• IDS & IPS (Vectra AI, Snort, Suricata, AlienVault, or others)
• Endpoint security products - CB Application Control, Microsoft Defender and Defender ATP.
• Vulnerability scans and penetration test using Nessus, Tenable, Rapid7 Nexpose, Cobalt Strike or others.
• Open-source security tools (Kali Linux, Metasploit, Nmap, PowerShell Empire, Kerberoast, TrustedSec SET and others) and network traffic analysis
• Vulnerability management with Tenable IO, Rapid7 Nexpose, Qualys or others
• Experience with Windows operating systems, Active Directory, DNS, DHCP, Microsoft SQL
• Experience with Linux operating systems (Ubuntu, CentOS RedHat)
• Experience with Windows Servers and Workstations Security
• Experience with scripts (python, VB, Powershell and others)
• Experience with Privilege Account Management Solution (CyberArk, BeyondTrust or others)
• Microsoft M365 E5 security products and Microsoft Azure

Education

• Bachelor's degree in computer science or information systems or significant work experience.
• Must have the following certifications: GIAC GSEC, PCNSE, OSCP.

Compensation

The anticipated base salary range offered for this role will be between $120,000 to $160,000 and represents the firm's good faith and reasonable estimate of the base compensation range. Actual base compensation will be dependent upon several factors, including but not limited to the candidate's relevant experience, performance, qualifications, degrees, and location, as well as the needs of the firm.