Lead Information Security Engineer New York, NY

Premier NYC legal organization has an immediate need for a Lead Information Security Engineer that will design, integrate, implement and monitor the firm's information systems and security infrastructure. This role is remote for now, and then onsite 2-3 days/week in the future. Responsibilities: In conjunction with Information Technology Operations personnel, leads the design, implementation and support of security measures including but not limited to: Cloud Security, Vulnerability Management, Email Security, Endpoint Security, Document Management Systems, Privileged Account Management, Advanced Threat Defense, Data Loss Prevention, Incident Response. Leads the monitoring and investigation of security related activity identified in logs and alerts from those systems. Evaluates proposed IT projects and emerging technology while making security recommendations to ensure the risk is controlled at an acceptable level. Leads the analysis, resolution, and communication of cyber security problems and issues. Performs various assurance and auditing activities to ensure that the security controls are designed and implemented appropriately. Develops and maintains appropriate escalation procedures for the different types of alerts that the various monitored systems generate. Evaluates threat intelligence feeds, vulnerability reports, security exploit reports, and other information security notices as needed and makes recommendations to internal management and technical staff to take precautionary steps. Administers the reporting functions of security monitoring systems, assisting in the identification and creation of appropriate reports for delivery to management. Interprets information security policies, standards, and other requirements and assists with their implementation. Requirements: Previous financial services, professional services or law firm experience desired. Must have at least one security certification (CISSP, CISM, SANS, etc.). Minimum 7 years of progressively advancing hands-on experience in Information Security field with track record of success. Knowledge of or experience with ISO 27001 framework is desired. Expert knowledge of information security methodology and tools such as access control, threat intelligence, zero-day threats, incident response and vulnerability management tools. Strong hands-on experience in Azure cloud security, network architecture and security assessment. Ability to work in a team environment, as well as independently. Strong analytical skills. Data privacy and other compliance experience are a big plus.