Security Engineering (Infrastructure and Security Engineering)

  • Competitive
  • New York, NY, USA
  • Permanent, Full time
  • Morgan Stanley USA
  • 22 Oct 18

Security Engineering (Infrastructure and Security Engineering)

Our Team

The Cyber Analytics Engineering team, part of the broader Enterprise Security Platforms organization, focuses on the evaluation, deployment and management of multiple key platforms that comprise the Firm?s core security infrastructure. We insure that our peer groups are equipped with the tools needed for efforts in the areas of data analysis and analytics, security controls and risk mitigation.

Role Description

An experienced Security Engineer with a background in scripting and development focused on security tooling is needed on the Enterprise Security Platforms Cyber Analytics Engineering team. The role is suited to an experienced engineer who has worked with security resources at Enterprise Scale in environments utilizing DevOps style resources. The role?s focus will be on expanding the Firm?s Vulnerability Management program to achieve both near and long-term control objectives including solution architecture, platform engineering and team based development to achieve automation and integration with Firm systems and processes.

Qualifications:

Responsibilities

? Research, architect, engineer and refine vulnerability scanning platforms in both the existing infrastructure as well as future Cloud based deployments
? Complete environment configuration, automation, build, and documentation tasks with a focus on reliability and ongoing supportability
? Develop tools and scripts to enable automation in configuration management, vulnerability data processing and integration through platform APIs scripting
? Work with global colleagues from both internal and external teams throughout the organization to provide solutions via ongoing communications and consistent processes
? Participate in technology evaluations and play an active role in suggesting improvements based on technology trends, best practices, industry standards and expanding needs in areas such as container and micro-service based scanning solutions

Required Skills

? 3+ years of experience in Python based scripting/development with clear awareness of sound design principles including the use of Regular Expressions, Process Management, Object-Oriented design and Performance Evaluation/Optimization
? Strong Linux System Administration experience and broad general *nix platform knowledge
? Familiar with, and history of utilizing, fundamental Cyber Security Principles in platform implementation and code development
? Understanding of DevOps concepts and experience working with tools to assist in automation and end-user process management
? General networking and security knowledge in areas such as Firewalls, TCP/UDP, Routing/Switching, DNS, NAT, Packet Tracing and Analysis
? Exceptional communication and interpersonal abilities as a flexible, self-driven team member
? Strong task management and organizational skills
? Ability to demonstrate broad exposure to various technologies - Preferably in a global environment in the finance industry or an industry at a similar scale

Desired Skills

? Experience with Vulnerability Management platform administration (Qualys preferred)
? Knowledge of common configuration management and continuous integration tools such as Chef, Puppet, Ansible and Jenkins
? Experience with Docker, Kubernetes and other container orchestration tools
? Knowledge or experience with security areas such as Container security, Common Vulnerabilities and Exposures (CVE) and Common Platform Enumeration(CPE)
? SDLC experience using systems such as JIRA and Git
? Experience with Cloud based administration, deployment and development on AWS or comparable cloud providers