Head of Security Engineering (Leading Banking Institution)

MBK Search

Our client, a leading banking institution, is looking for a Head of Security Engineering to join their growing team.

Location(s): New York, NY; Jersey City, NJ; Boston, MA

Job Synthesis & Description
Our client, a world-class bank, is currently recruiting a Head of Security Engineering to join their Cyber Security organization. The Cyber Security Engineering Head will be responsible for leading the implementation of security configuration standards (hardening standards) across the firm and providing insight to management on the status of remediation.

Specific Responsibilities
In this role you will primarily be responsible for:
  • Strategic road-map of security configuration standards (security hardening standards), raising the level of protection year on year.
  • Raising awareness and providing advisory on the implementation of security configuration standards.
  • Manage the evaluation of security configuration adherence across all infrastructure components.
  • Provide advisory on the implementation of additional security hardening.
  • Develop effective procedures/controls to reduce security configuration risks across different technologies.
  • Provide security engineering and architecture support on new controls.
Some of your additional responsibilities include:  
Security Configuration Standards
  • Based on a review of vendor-recommended and industry-recommended security standards, define the roadmap for the evolution of the Firm’s security configuration standards.
  • Provide tactical and strategic direction to the infrastructure teams on how to implement the security configuration standards (including automation options).
  • Be the first point of escalation for any conflicts on system parameters and applications and identify alternative controls or configurations.
  • Support technical reviews of risk exceptions.
  • Lead technical discussion around the security configuration standards with various non-technical and technical parties.
Security Configuration Evaluation Program
  • Responsible for the ongoing testing of the adherence to security configuration standards across all platforms.
  • Manage configurations of tools and escalation of the identified security configuration gaps.
  • Lead resolution discussions with application, database and operating system platform owners on the remediation of vulnerabilities.
Manage Security Configuration Reporting
  • Develop an operational support plan for the sustained success of the program – including KPIs and KRIs, training and development of security analysts, and identification of process improvements.
  • Enhance the firm’s security configuration identification program.
  • Provide oversight and guidance over the firm’s security configuration activities.
Security Architecture Support / Security Engineering Support
  • Collaborate with security architects, development, network, server and web teams to assess security weaknesses and provide prevention and detection recommendations for cyber threats.
  • Understand and implement developing regulatory guidelines with regard to security configuration and hardening.

Key Requirements
  • 8+ years of relevant experience in two or more of the following areas: Network security management, Web application security management, Vulnerability & Patch management, Designing and Operating enterprise security controls, Malware analysis and remediation, Security Incident Response Management and Penetration Test/Red Team
  • Security evaluation process/security identification activities
  • Expertise with security assessment methodology, vulnerability management, OWASP model, CVE ratings
  • Ability to read web and application server logs to determine potential breaches. 
  • Scripting/coding experience to prepare attack code
  • Familiarity with cybersecurity forensics is a plus
  • Experience with security attack simulation tools
  • CISSP a plus
  • Network certifications a plus
  • After-hours & Weekend work required