Key skills
Microsoft 365 SecurityMicrosoft DefenderMicrosoft SentinelMicrosoft PurviewAzureEntra IDAgentic SecurityData Security Posture ManagementDevSecOpsCloud Security Posture Management (CSPM)Cloud Architecture IaaSCloud Architecture PaaSCloud Architecture SaaSAWSContinuous Audit and AlertingIdentity and Access ManagementData Loss Prevention (DLP)Security Information and Event Management (SIEM)RoutingFirewallsNAT TranslationProxiesNext-gen SASE SolutionsIncident ResponseSecurity AssessmentsVulnerability ScansRisk AssessmentsInformation Security CertificationsNetworking ConceptsAIAgenticSplunkSaaSRisk Management
About this role
Genesis10 is currently seeking a Senior Security Engineer - Remote position with a Global Law Firm located in New York, NY. This role involves developing and maintaining cybersecurity infrastructure and guiding the implementation of cloud and AI systems. The engineer will be responsible for leading security strategies, managing cloud architecture, and responding to security incidents.
Responsibilities:
- Lead the strategy, design, and implementation of scalable AI security and agentic security controls
- Work closely with IT and AI acceleration teams to onboard newly developed AI use cases in a secure manner, including end-to-end DevSecOps and CSPM tooling
- Design, implement, and maintain a secure and resilient cloud architecture (IaaS, PaaS, SaaS) across Azure, AWS, and Office365
- Design and build continuous audit and alerting capabilities in cloud environments
- Develop and implement robust identity and access management strategies for cloud environments
- Monitor and manage user access permissions, following the principle of least privilege
- Use Microsoft 365 Security and Purview technologies to establish and enforce data protection policies
- Monitor for data leakage to and from the cloud and on-premises
- Lead incident response efforts for security incidents, coordinating with internal and external stakeholders
- Implement logging and monitoring solutions to detect and respond to security events in real-time
- Design, implement, and manage security infrastructure to safeguard networks, systems, and applications
- Conduct regular security assessments and vulnerability scans to identify and address potential risks
- Lead incident response efforts and conduct thorough investigations for security incidents or breaches
- Work with key stakeholders to conduct and formally document risk assessments against new technologies
- Collaborate with IT, legal, and compliance teams to align security initiatives with business objectives
- Communicate security risks and recommendations to both technical and non-technical stakeholders
Requirements:
- Bachelor's degree in Information Systems, Information Security, Risk Management, or a related field
- At least five years of experience in Information Security or a similar role
- Awareness of basic tenets of secure software development
- Solid understanding of networking concepts, such as routing, firewalls, NAT translation, proxies, and other next-gen SASE solutions
- Familiarity with Data Loss Prevention (DLP) concepts and strategies
- Deep level security information and event management (SIEM) log analysis experience
- Ability to work independently on important initiatives, reporting to senior management on milestones or issues
- Information Security certifications such as Microsoft, CISSP, CISM, Palo Alto, Splunk, or Cisco