Security Engineer

Aspen Capital New York , NY 10001

Posted 7 days ago

Aspen Capital is seeking a Security Engineer to join our team. This position will partner closely with our engineering and IT teams in developing, maintaining, and enhancing the companys security infrastructure. Data and Security is key to our future and we want to partner with engineers who bring a passion for data and company building.

We are in a phase of rapid growth driven by increasing demand for our services. To meet this demand, we are looking to hire exceptional developers to work alongside our existing team. Together driving our platform and services forward.

Day to day you will

  • Manage the day to day execution of our cyber security strategy which includes building out new capabilities and systems to stay ahead of the threats
  • Perform security analysis of phishing and impersonation emails, alerts from MSSP, logs and various internal systems. Escalate security events to appropriate team members and/or leadership as necessary
  • Perform and support vulnerability management, investigation and remediation efforts, risk assessments and security architecture reviews
  • Actively find security risks, recommend remediation and mitigation techniques, clearly articulate the issues to affected teams, and work with them to resolution
  • Manage and support ongoing security-related compliance activities such as user re-certification and penetration testing related to SOC I and SOX
  • Help development teams with AppSec

Requirements

  • Bachelors Degree in Computer Science or Information Technology; Cyber Security is preferred
  • 3+ years of experience working in a software company in a security engineering position either directly with development teams or in support of teams in addition to having experience with tools such as Qualys, SumoLogic, DataDog, Splunk, DLP, firewalls, endpoint protection, MDM, log correlation and packet analysis tools, among others
  • Excellent written and verbal communication with the ability to explain complex technical concepts to non technical audiences
  • Production security engineering experience in AWS and Azure environments
  • Working familiarity with NIST Cyber Security framework
  • Ability to articulate ROI to executives when it comes to security investments
  • Ability to quickly build strong working relationships across the organization

Benefits

Work with cutting-edge technology. Data Science is in the DNA of Aspen Capital and we hope it is in yours as well. Join us as we rewrite the rules of residential and commercial mortgages and real estate.

We are a private equity firm based in Portland, OR and New York, NY. We utilize data and technology to enhance business insight, propel growth, transform our investment strategies and business operations, and execute industry-leading deals. The unique Aspen Capital worldview is reflected in a nimble, efficient organizational structure that allows the company to capitalize on market demands, seize business opportunities and excel in a wide range of roles including investment, lending and servicing, acquisitions, management, joint ventures, asset management, recapitalization and advisory services.

We offer competitive salary and a great benefits package including medical, dental, and vision insurance, covering 100% of the employee premiums and 50% for dependents. We provide life insurance, short & long term disability insurance, 15 days of PTO, 8 paid holidays and a 401(k) plan with company match up to 4%. We have a dog friendly work environment, and casual dress.

*We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.

*We maintain a drug-free workplace and perform pre-employment substance abuse testing.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Security Engineer

Warner Music Group Corp.

Posted 4 days ago

VIEW JOBS 4/16/2021 12:00:00 AM 2021-07-15T00:00 Job Description: At Warner Music Group we're all about our people. Our global company is made up of knowledgeable, passionate, and creative individuals. Our commitment to Diversity, Equity and Inclusion fosters a culture where you can truly belong, contribute, and grow. We believe in each individual's value and encourage applications from people of any age, gender identity, sexual orientation, race, religion, ethnicity, disability, veteran status, and any other characteristic or identity. It is the mission of every member of the WMG team around the world to create a nurturing environment for artists, songwriters, and the people behind the music - at every stage of their career. We strive to set WMG apart by embracing innovation - an integral part of our company's DNA. Consider a career at WMG and be a part of one of the most influential forces in culture today. A little bit about our team: Global team of dynamic, creative and collaborative problems solvers working together to build highly secure and scalable solutions to drive innovation and operational excellence. This represents a technical and experienced position in the IT organization. This position will be called upon to represent IT organizations by internal and external organizations. An individual in this position is responsible for making the production systems more reliable by performing day-to-day operations including system monitoring, troubleshooting, problem identification, resolution and restoral following established and documented procedures and with minimal direction. This group is the digital thought and technology collective working with world class creative Media & Entertainment executives and their teams; acting as the trusted operators and strategic partners with them to deliver the best possible outcomes. Why this could be your next big break: This is an opportunity to move the needle and make a significant impact within a large global enterprise. Responsibilities include coordinating projects and resources as new business offerings and technologies are developed and implemented within Warner Music Group. Requires excellent communication and technical skills, while working closely with all business units within Warner Music Group in determining design criteria and proof of concept as they relate to each business offering. Other functionality includes acting as engineering liaison to outside engineering entities, project budget management, staffing development and vendor management. Collaborate, design and implement ideas with business leaders from whiteboard to digital delivery and be a true partner with our business leaders. Recognize that as a Service Organization we're there to partner and steward the organization to operate efficiency, drive revenue and manage risk. Here you'll get to: * Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers * Develop security strategy plans and roadmaps based on sound enterprise architecture practices * Participate in application and infrastructure projects to provide security-planning advice * Determine and refine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM) * Validate security configurations, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems * Perform regular vulnerability testing of enterprise services and applications, assess results, prioritize, and coordinate remediation efforts with colleagues * Ability to leverage SIEM platform for conducting forensic security investigations and identifying potential indicators of compromise (IOCs). Develop and use advanced, customized tools and scripts to enhance security assessments and proactive alerting * Review all security reports and logs for unusual or anomalous activities * Ability to perform secure application code review, and coordinate with development teams to advocate secure coding practices. Provides guidance for security activities in the system development life cycle (SDLC) and application development efforts * Liaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data * Review all existing and new security technologies, tools and services, and make recommendations to the broader infrastructure team * Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle * Participate in all information security related incident response activities * Stay abreast of information security events, news, trends and evolving legislative/regulatory changes About you: 10+ years previous hands-on network administration using the following skills: * Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology * Verifiable experience reviewing application code for security vulnerabilities * Direct, hands-on experience or strong working knowledge of vulnerability management tools * Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services * Full-stack knowledge of IT infrastructure: * Applications * Databases * Operating systems - Windows, Linux, Mac OSX * Hypervisors, Cloud Computing * TCP/IP networks - WAN and LAN * Storage networks - Fibre-Channel, iSCSI and NAS * Modern Authentication Protocols- SAML, OAUTH * Cryptography - Asymmetrical/Symmetrical encryption, hashing * Scripting - PowerShell, Python, Bash, etc. * Experience leading high profile security projects It would be music to our ears if you also had: * Direct experience designing IAM technologies and services: * Active Directory * Amazon Web Service (AWS) * Strong working knowledge of IT Service Management (e.g., ITIL-related disciplines): * Change management * Configuration management * Asset management * Incident management * Problem management * Regulations, Standards and Frameworks * Payment Card Industry Data Security Standard (PCI-DSS) * Sarbanes-Oxley * General Data Protection Regulation (GDPR) * NIST Cybersecurity Framework (CSF) About us: With its broad and diverse roster of new stars and legendary artists, Warner Music Group is home to a collection of the best-known record labels in the music industry including Asylum, Atlantic, East West, Elektra, FFRR, Fueled by Ramen, Nonesuch, Parlophone, Rhino, Roadrunner, Sire, Warner Records, Warner Classics and Warner Chappell Music, one of the world's leading music publishers with a catalogue of more than one million copyrights worldwide. For more than four decades, WMG has been an industry-leading force in providing a world-class array of services designed to help artists and labels grow their careers and their businesses. Artist & Label Services is the umbrella for WEA (Warner-Elektra-Atlantic) - the pioneering WEA distribution and marketing network - and Alternative Distribution Alliance (ADA) - the ground-breaking global distribution company for independent artists and labels. Love this job and want to apply? Click the "Apply" link at the top of the page, or apply directly with your LinkedIn. Applying with LinkedIn will import all of the information you put in your profile, but will still allow you to upload a resume and cover letter. Don't be discouraged if you don't hear from us right away. We're taking our time to review all resumes, and to find the best people for WMG. Thanks for your interest in working for Warner Music Group. We love it here, and think you will too. WMG is committed to inclusion and diversity in all aspects of our business. We are proud to be an equal opportunity workplace and will evaluate qualified applicants without regard to race, religious creed, color, age, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, marital status, medical condition as defined by state law (genetic characteristics or cancer), physical or mental disability, military service or veteran status, pregnancy, childbirth and related medical conditions, genetic information or any other characteristic protected by applicable federal, state or local law. Copyright © 2021 Warner Music Inc. Warner Music Group Corp. New York NY

Security Engineer

Aspen Capital