Principal, Information Security - Cyber Technology Platform Lead

Overview

• Analyze problems, evaluate technical issues, test, maintain, modify, integrate, monitor and ensure to automate software systems.
• Analysis of Software Rules engines and automation
• Responsible for design, development, testing and implementation of automated solutions that will interact with multiple third-party applications
• Incident management and post-mortem culture.
• Troubleshooting challenging and complex issues with data movement/availability/lineage/handling.
• Present technical concepts and create technical documentation.
• Being involved in system design, platform management, and capacity planning.
• Building sustainable production systems by eliminating unnecessary complexity and toil.
• Solving complex problems by a process of elimination, creating bespoke tooling where appropriate.
• Implement config management to large platforms and devops lifecycle tools
• Ensure stability in large scale interconnected global platforms
• Data Platform infrastructure management
• Perform Changes via Change Management process on large scale infrastructure
• Assisting users with platform usage and use cases
• Consults on a senior level and provides professional support for major components of the company's information security infrastructure.
• Contributes to the development and implementation of security architecture, standards, procedures and guidelines for multiple platforms in diverse system environments.
• Consults with the business and operational infrastructure personnel regarding new and existing technologies.
• Recommends new security tools to management and reports and provides guidance and expertise in their implementation.
• Reviews and analyzes highly complex data and information to provide insights, conclusions and actionable recommendations.
• Defines, implements, and applies area-wide security and/or COB policies and standards by leveraging in-depth knowledge of globally accepted information security and/or COB principles.
• Addresses high risk security concerns or incidents.
• Recommends course of action to mitigate risk and ensures that appropriate standards are established and published.
• Contributes to the achievement of area objectives.
• Proficiency in Microsoft suite of products
• Proficiency in one or more of the following: Python, Go, C, C, Java, Perl, Ruby, or any other non-shell script language
• Proficiency in data mining with query or search languages such as SQL, Splunk SPL, etc
• SW configuration framework (e.g., ansible, chef, salt), and devops lifecycle tools (e.g., git, subversion, artifactory)
• Experience with UNIX operating systems internals and networking
• Familiarity with various UNIX performance and system tools (e.g., strace, iostat, free, top, tcpdump , grep, awk, sed , etc)
• Experience in the securities or financial services industry is a plus
• Experience in troubleshooting large scale distributed systems.
• Experience in developing blackbox monitoring for systems using modern tools (e.g. prometheus / selenium)
• Integrating products using APIs
• Solid understanding of Risk culture
• Solid understanding of Systems Controls and Risk Reduction techniques
• Understanding and integrating new technologies such as cloud infrastructure
• Build, Run, and Manage
• Large Scale Agent Management and automation of the same

• Experience with logging systems like Splunk, ELK, syslog
• Experience with Attack simulation tools such as Verodin
• Experience with distributed systems design.
• Debugging / optimizing code
• Modern development practices. A strong preference for CI / CD / Devops techniques
• Containerization technologies.
• Experience with Cyber Security Tools
• Experience in managing a large scale Splunk environment is a distinct advantage

• Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred
• 10-12 years of experience in information security or related technology experience required