The successful candidate will be a subject matter expert with hands-on experience in a wide range of security technologies, tools and methodologies.
The role is suited for an experienced Windows Engineer with proven understanding in enterprise security and will focus on building toolsets and processes to support the Information Security Program (ISP).
The team fosters a collaborative environment and is building a best in class program to partner with the business to protect the Firm’s information and computer systems.
Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority.
Principal Responsibilities
- Provide a high level of security consultancy and engineering support for Windows/Azure security solutions including analysis and development of Windows security solutions.
- Provide architecture assurance on Windows security initiatives and compliance of existing security standards.
- Contribute to the vision, strategy, and drive design and implementation for Authentication platforms both on premises and in the cloud
- Provide security consultancy and engineering support for SAML, OIDC and Kerberos authentication across different Identity providers, including analysis and development of SSO, PKI, and other authentication solutions.
- Able to demonstrate clear understanding of current risks and threats related to Identity Management at technical and managerial levels.
- Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to key business initiatives and strategies.
- Participate in Information Security Incident Response activities for the Firm’s environment.
- Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties.
- Liaison with key stakeholders to create and enforce policy including Technology organization, Trading units, Legal, Internal Audit, and Compliance.
- Lead the effort to ensure security compliance in accordance with regulatory security standards required by appropriate governing bodies.
- Provide support to Security and other technical operations staff to ensure smooth turnover from Engineering to Production - and provide mentoring to junior level security professionals.
- Develop and maintain documentation of all Security products including specific tools, technologies and processes.
Qualifications/Skills Required
- Bachelor’s degree in Computer Science or Engineering preferred. 7 + years experience working in a technical role with a minimum of 2 + years experience focusing on information security in the financial industry (preferred).
- Excellent understanding and experience of engineering Microsoft security solutions – including desktop and server operating systems, EntraID, Active Directory, Group Policy, Desired Configuration State, DNS, Messaging.
- Ability to understand code in C#/.NET and strong scripting experience in PowerShell
- Experience managing IaaS, SaaS solutions and services using CI/CD pipelines. Jenkins, Terraform experience is a strong plus
- Solid understanding of SAML, OIDC and Kerberos authentication and related technology controls and best practices.
- Experience with Office 365 security controls including usage of Azure Active Directory, Conditional Access, o365 logging APIs, Microsoft CAS, and Microsoft Authenticator.
- Understanding and experience with implementing Data Loss Prevention (DLP) solutions, policies, and technologies.
- Understanding of Azure Information Protection (AIP) and its components, including labeling, classification, and encryption.
- Ability to develop and implement strategies to ensure compliance with data protection regulations, such as GDPR or HIPAA, utilizing DLP and AIP solutions.
- Strong knowledge and experience in a variety of security technologies including: EDR, SIEM, Vulnerability Management is a plus
- Possess a passion for Information Security and Technology.
- Able to prioritize in a fast moving, high pressure, constantly changing environment; high sense of urgency
- Ability to work independently and think proactively.
- Ability to communicate and collaborate across teams.
- Relevant security certification (CISSP, GCIA, CISM, etc.) and/or product certifications (PingFederate, Azure