Full Time OTI - 7-858-0551A MYCITY SR SECURITY ENGINEER
New York, NY
Outcomes. Delivered.
Voyatek, formerly GCOM Software and OnCore Consulting, delivers outcome-driven technology solutions to public sector agencies and higher education institutions nationwide.
For example, our technology:
Facilitates access to nutritious food for children of mothers participating in the WIC program
Supports first responders in reducing opioid overdoses within their communities
Empowers colleges and universities to identify and thwart financial aid fraud
Equips teachers with valuable insights to identify students requiring additional support
Enhances efficiency for state tax agencies, leading to 99% faster return processing and quicker refunds for taxpayers
With a focus on Tax & Revenue, Health & Human Services, and Justice & Public Safety, Voyatek combines the scale to support large complex projects with the agility and accessibility of a boutique solutions provider. Together, Voyatek and its customers work to improve population wellbeing, create safer communities, and foster a thriving economy.
We're more than a technology company -- we're an outcomes company.
We encourage our employees to think differently, ask tough questions, and relentlessly pursue what's best for our customers and the residents they serve.
We believe that the value of technology is defined by its human impact. If you agree, you've come to the right place.
Voyatek is seeking applicants to occupy the position of MYCITY Sr. Security Engineer within our NYC Office of Technology and Innovation team located in New York, NY (Onsite).
Key Responsibilities:
The resource's function is essential to securing the City of New York's systems for the MyCity Portal development project. This requires strong security controls over cloud identities and endpoint devices. The hardening of cloud ecosystems through well-designed frameworks is critical in protecting the City of New York systems and data from various cyber attacks.
Perform organization wide cybersecurity risk analysis and maintain updates on the identified risks
Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization
Create and follow a process to track progress against cybersecurity plans
Lead the implementation of cybersecurity initiatives for MyCity Portal development project
Create network architecture diagrams, collect communication flow information, and build high level and low level design documents
Work on complex network problems, interact with vendor support teams, and drive the issue to resolution
Translate compliance requirements into specific security controls and present compensating security controls
Report to upper management on current cybersecurity posture and progress on mitigating identified risks
Identify cybersecurity gaps and maintain a risk register
Create metrics to measure cybersecurity controls efficacy
Work with partners to create and maintain incident response plans
Monitor and respond to alerts
Review and optimize existing cybersecurity controls
Ensure the organization compliance with cybersecurity best practices, policies and standards
Enforce endpoint security standards
Analyze vulnerabilities and work with Application Development, IT and Systems teams to ensure timely remediation and validation
Perform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design and /or application development
Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments
Mandatory Qualifications:
Bachelor's degree in Computer Science, Information Systems or equivalent work experience
At least 12+ years of experience in information security
At least 8+ years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
At least 8+ years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management
At least 4+ years of experience working in cloud environment (Azure, AWS, GCP)
At least 4+ years of experience working in securing Internet-facing applications, utilizing WAF technologies (eg: Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, Azure FrontDoor, AWS CloudFront and WAF, and similar reverse-proxy technologies)
At least 4+ years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data.
At least 4+ years of experience architecting, deploying, and managing endpoint security and EDR technology
At least 4+ years of experience using scripting languages (Python, Bash, Powershell, etc.)
At least 4+ years of experience with Windows, Linux, or MacOS administration
At least 4+ years of experience working with vulnerability management and scanning tools
At least 4+ years of experience working with application scanning tools
Desired Qualifications:
Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments
Experience in implementing and operating Data Loss Prevention Systems
Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy
Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls
Strong understanding of cloud-based services such as O365, AzureAD, IAM, Entra ID
Strong understanding of CIS controls
Experience with Syslog-NG, LogScale (Humio) or similar SIEM/log aggregation systems
Experience with SSO products and services such as Entra ID, PingFederate, or Okta
Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies
Familiarly with CASB/SASE products
Experience with Cloud-based EDR/XDR tools
Knowledge of endpoint security management, configuration policies, and procedures
Experience with asset management and on-prem/cloud-based vulnerability management tools
Highly flexible/willing to learn new technologies
Highly organized with excellent analytical, problem solving and decision-making skills
Excellent communication and collaboration skills
We encourage you to apply if you think you are a good fit for us. Check out our career website for all open positions!
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions. This includes, but is not limited to, skill sets, experience and training, licensure and certifications, and geographic location. At Voyatek, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current hourly range is $113.00 to $123.00
As part of our commitment to maintaining a compliant workplace, all final candidates will undergo and must pass a comprehensive background screening prior to starting work. This screening may include, but is not limited to, verification of employment history, education, criminal records, and other relevant checks. For certain positions, additional client-specific background screenings may be required in the future, in accordance with client requirements.
Voyatek does significant work with Federal and State tax and revenue authorities. If applicable, hires for these projects will be required to obtain a Federal Public Trust Clearance (Moderate Background Investigation). This clearance process may start upon offer acceptance; however, this clearance must be obtained prior to working on these projects.
Voyatek provides equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, ancestry, national origin, citizenship, sex or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status or domestic violence victim status, religion, age, disability, genetic information, service in the military, or any other characteristic protected by applicable federal, state, or local laws and ordinances. Equal employment opportunity applies to all terms and conditions of employment, including recruitment and hiring, job assignment/placement, promotion, upgrading, demotion, termination, layoff, recall, transfer, leave of absence, rates of pay or other compensation, internship, and training.
