Security Engineer at Advent Software

SS&C Innovest seeks a Security Engineer. Apply your cutting-edge skills to support a powerful suite of products serving the financial services industry.

With offices in New York, Texas and California, SS&C Innovest specializes in trust, wealth management, payments, unique and hard-to-value assets, securities operations, and information systems.

Daily Responsibilities:

• Monitor the health of Innovest information systems daily
• Conduct security operations necessary to maintain the confidentiality and integrity of enterprise data and information systems.
• Identify and investigate cybersecurity events, escalate to other internal teams, coordinate the resolution effort among departments, follow up through the complete life cycle of the security events.
• Troubleshoot security-related infrastructure problems and respond to system and/or network security breaches. Create new trouble tickets for alerts that signal an incident or threat.
• Test and identify network and system vulnerabilities, perform daily security administrative tasks, report, and communicate with the relevant departments.
• Assist in defining the security strategy and integrating regulatory compliance requirements into the organizational security roadmap.
• Ensure that the corporate IT environment is secure and complies with all internal and external audit requirements.
• Implement and maintain cryptographic controls (e.g., data at rest, data in transit) in line with security company posture.
• Assist in coordinating with systems and network engineers to ensure servers and network devices conform to security standards and that security devices and controls are working as designed.
• Assist with the development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices.
• Participate in security committee meetings, including change management, data and infrastructure protection, security enhancement recommendations, and audit remediations.
• Conduct internal penetration testing and attack process simulation to look for vulnerabilities in the systems.
• Responsible for security implementation throughout the system development lifecycle. Validate, support, and improve the application security program, conduct static and dynamic code scanning.

Installation, configuration, and management

• Install, configure, and maintain software or systems such as encryption programs, intrusion detection systems, data leak prevention mechanisms, antivirus, antispam controls, authentication, and authorization controls.
• Implement, and maintain endpoint and network security systems and processes to detect, assess, and mitigate electronic threats to the company network and data.
• Manage security log and analysis systems. Identify and analyze potential threat activity, targeting company networks via monitoring systems, alerts, vulnerabilities, SIEM tools, and network traffic.

Research, audits, and updates

• Research new technologies, products, and trends to enhance the company security posture.
• Practice continual self-improvement through education, training, and the newest trends related to cybersecurity; stay on top of NIST and DoD's latest announcements, including best practices on the security infrastructure.
• Involved in creating innovative company disaster recovery plans and related policies/procedures, test the recovery plans, and preventive measures.
• Assist with management of user training and help understand information security principles.
• Conduct risk analysis, assess risks and business impacts, identify gaps in risk management, make recommendations to immediate risks.
• Write documentation for tasks, procedures, and knowledgebase articles needed to support the understanding and efficiency of SIEM services.

Candidate Qualifications:

To perform the assigned duties effectively, the candidate must meet the knowledge and experience requirements listed below.

• 3+ years of experience in the information security industry
• Solid knowledge of networking and security systems, including firewalls, IDS/IPS, authentication systems, cryptographic structures, TLS decryption, and inspection
• Minimum of two years of hands-on experience with SPLUNK
• Knowledge of standard network protocols on multiple levels (TCP/IP, HTTP(S), etc.)
• 5+ years of experience in both Microsoft and Linux operating systems
• Strong familiarity with industry security standards such as NIST, DoD, FIPS, ISO, FedRAMP
• Proficient understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, Sarbanes-Oxley

• Familiarity with web-related technologies (Web applications, Web Services, Service-Oriented Architectures) and of network/web related protocols
• Vulnerability Management experience required (Nessus, Qualys, OpenVAS)
• Network Systems and Device Hardening (CIS Security Baseline Configurations / DISA STIG preferred)
• Programming and Scripting languages (Python, PowerShell, Linux shell preferred)
• Experience building secure software based on frameworks such as OWASP, BSIMM, and SANS
• Experience securing cloud infrastructure and applications
• Knowledge and experience with cloud-based platforms (Azure/AWS/Google Cloud/etc.)
• Experience with methodologies and security testing tools for threat analysis of complex applications and services, including threat modeling, software fuzzing, static and dynamic analysis, and penetration testing (Kali Linux, Burp Suite, Metasploit, Veracode)
• Advanced communication, presentation, and analytical skills

Education

The equivalent of a bachelor’s degree in Management Information Systems or Computer Science or closely related field.

Any of the following certifications are desirable: Security+, CEH, CISSP, CASP