Senior Cybersecurity Engineer

Senior Cybersecurity Engineer page is loaded## Senior Cybersecurity Engineer remote type:
Hybrid locations:
NJ-Warren:
NY-NYC (Ave of Americas) time type:
Full time posted on:
Posted Todayjob requisition :
JR-000726

MSIG USA continues to grow!
** Company Overview:
** is the US-based subsidiary of , one of the world’s top P&C carriers and a global Class 15 insurer, with A+ ratings and a reach that spans 40+ countries and regions. Leveraging our 350-year heritage, MSIG USA brings the financial strength, expertise, and global footprint to offer commercial insurance solutions that address your business’s unique risks.
** Summary/

Job Purpose:

** The Senior Cybersecurity Engineer will support the Information Security Officer in designing, developing, and implementing cybersecurity and IT security solutions for MSIG – North America. Responsibilities include managing Azure NSG, WAF, VPN devices, load balancers, firewalls, and other security infrastructure.
*
* Essential Functions:

*** Identify, assess, and mitigate risks to ensure data and system security and integrity. Manage and maintain the vulnerability and patch management program.
* Ensure compliance with regulatory requirements and industry standards, including PCI, NYDFS, and NIST.
* Collaborate with the Information Security Officer to develop and implement robust security architectures and designs to protect against cyber threats.
* Lead and execute cybersecurity projects from conception to completion, ensuring effective security measures are deployed.
* Monitor and manage IPS/IDS managed services, both internal and outsourced.
* Maintain and update a comprehensive information security program that includes policies and processes to minimize risk and ensure data integrity and availability.
* Evaluate and implement tiered defensive posturing systems and policies to defend against malware threats.
* Create and maintain information security policies, standards, controls, and procedures to comply with evolving laws and regulations.
* Use a risk-based approach to secure applications, databases, or infrastructure based on technology and business needs.
* Manage testing and vulnerability analysis, including third-party scanning, pen testing, and network security providers.
* Oversee the Identity and Access Management Platform – OKTA and Azure AD.
* Administer Illumio and Zscaler for micro-segmentation and zero trust security models to reduce attack surfaces and limit lateral movement within the network.
* Conduct phishing simulation training programs to educate employees on identifying and avoiding phishing attacks.
* Resolve security-related cases escalated by Level 1 Helpdesk.
* Handle proxy issues requiring manufacturer intervention for final resolution.
* Maintain documentation and continuously improve existing infrastructure, network/security, and audit standards.
* Manage and maintain technologies such as antivirus, encryption systems, firewalls, access, and authentication technologies.
*
* Supervisory Responsibilities:

** Manage off-shore support resources and vendors supporting email and security applications.
*
* Qualifications:

**
* ** Problem Solving:
** Identifies root causes and resolves issues promptly.
* ** Teamwork:
** Balances team and individual responsibilities effectively.
* ** Customer Service:
** Responds to end-user issues promptly.
* ** Judgment:
** Makes timely and sound decisions.
* ** Planning/Organizing:
** Prioritizes and plans work activities efficiently.
* ** Quality:
** Demonstrates accuracy and thoroughness.
* ** Initiative:
** Volunteers readily, engages in self-development, and seeks increased responsibilities.
* ** Innovation:
** Displays original thinking and creativity.
** Education and Experience

Required:

*** Bachelor's degree in computer science or a related field.
* 5 to 7 years of technical experience in a security environment.
* Over 3 years of experience with Security Information and Event Management (SIEM) tuning and reporting.
* 5 to 7 years of experience in managing security for users, platforms, and devices, including authentication, access controls, authorization, and integration of enterprise directories with other systems in large, complex environments.
*…