Cyber Security Engineer

Summary - Hybrid Role

Our client, an investment management company in the real estate industry, is looking to add a Cybersecurity Engineer to their IT organization. With a strong background in information security, this individual will be responsible for implementing, monitoring, and maintaining the security of information systems and networks, ensuring protection from cyber threats and unauthorized access. In addition, this candidate will manage security-related activities for onboarding and offboarding, access control, and building and maintaining a platform for Due Diligence Questionnaire (DDQ) management.

Key Responsibilities

Develop, implement, and maintain information security policies, procedures, and guidelines in accordance with industry best practices and regulatory requirements.

Build and maintain a secure platform to automate onboarding/offboarding leveraging Cloud SaaS, IaaS, PaaS, such as Azure App Services, Functions, Batch, Okta Identity Engine, Okta Workflows, Salesforce, Freshservice, Zoom, PagerDuty, Box, Datadog, Fortinet, Google Workspace, and Office 365, using their interfaces such as RESTful API or system specifics like Exchange Online PowerShell and Microsoft Graph API.

Perform regular security assessments, vulnerability scanning, and penetration testing to identify and remediate security risks.

Respond to and investigate cybersecurity incidents, including providing necessary support to incident response and disaster recovery efforts.

Manage security-related activities during employee onboarding and offboarding, including access provisioning and deprovisioning, and ensuring that access control policies are followed.

Build and maintain a secure platform for Due Diligence Questionnaire (DDQ) management, streamlining the process and ensuring the protection of sensitive information.

Compliance with all applicable regulations and industry standards, including SEC, FINRA, and other regulatory requirements.

Conduct regular security awareness training for employees to promote a strong security culture within the organization.

Stay informed about emerging threats, vulnerabilities, and trends in the cybersecurity landscape and recommend appropriate countermeasures.

Prepare and present reports on the status of the firm’s information security posture to management and other stakeholders.

Manage security-related activities during employee onboarding and offboarding, including access provisioning and deprovisioning, and ensuring that access control policies are followed.

Job Requirements

Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.

Minimum of 5 years of experience in information security or cybersecurity, preferably within the financial services industry.

Minimum of 3 years of experience managing onboarding, offboarding, access provisioning using Modern Architecture with SSO SAML v2.0 with Okta OIN SCIM, and interfacing Cloud Services to automate tasks using Microsoft Graph API, Exchange Online PowerShell, and RESTful APIs.

Familiarity with regulatory requirements and industry standards for investment advisory firms, including SEC and FINRA regulations.

Experience with security tools and technologies, such as firewalls, intrusion detection/prevention systems, encryption, and endpoint security solutions

Strong Experience with Okta access control and identity management platform.

Strong analytical, problem-solving, and decision-making skills.

Excellent communication and interpersonal skills, with the ability to work effectively both independently and as part of a team.

Relevant professional certifications (e.g., CISSP, CISM, CEH, or CompTIA Security+) are highly desirable.