Location Designation: Hybrid
When you join New York Life, you’re joining a company that values career development, collaboration, innovation, and inclusiveness. We want employees to feel proud about being part of a company that is committed to doing the right thing. You’ll have the opportunity to grow your career while developing personally and professionally through various resources and programs. New York Life is a relationship-based company and appreciates how both virtual and in-person interactions support our culture.
Primary Responsibilities:
The Group Membership division at New York Life (NYL) Insurance Company is seeking an experienced and reliable Senior Information Security Analyst for a multi-dimensional role within it’s Security Operations Unit. As part of the role’s primary function, the individual will coordinate security risk & technical assessments of the department’s third party vendors and partners. Specifically, the individual will work as a member of the Cybersecurity team and will be responsible for assessing the security posture of vendors and partners by coordinating and/or conducting remote and/or onsite Security and/or Technical Assessments. The individual will provide consultative support to third party partners, participate in corporate run security reviews, report on assessment outcomes, perform issue management, and develop associated risk treatment plans to ensure compliance with contractual requirements, corporate policy and standards, and state/federal regulations.
Additionally, the individual will provide backup subject matter expert (SME) support services to other members of the team. In this capacity, the individual will monitor internal as well as Third Party based systems and applications for threats and vulnerabilities. Furthermore, the individual will assist with Security Testing (Application Scans, Regression Testing, Manual Penetration Testing, Blue Team / Whitebox Testing) of the division’s mission critical business applications. As part of this secondary function the individual will also provide, SME support for Special Projects as well as provide Tier 2 tech support for issues relating to mission critical applications.
Requirements:
Since the individual will be conducting technical assessments, engaging in vulnerability management, and performing security testing and monitoring, it is necessary that the candidate have an expert understanding of network layer protocols & industry best practices. Ideally, the candidate will have experience with network devices, operating systems (Windows/Linux), databases (SQL Server/Oracle), Cloud platforms (Azure / AWS) and Email/FTP/Web/Database/DNS Servers. Additionally, the candidate should have an excellent understanding of Security Principles and Techniques (encryption, authentication, DLP, etc), Network / Infrastructure / Cloud Architecture and IT Security standards and best practices.
Furthermore, the ideal candidate should have the following:
• BS / BE in Information Systems, Engineering, Computer Science, or related field
• At least 1 Certification in Information Security (CISSP, CISM, CRISC, CISA, CEH or equivalent)
• A Certification in any of the following: A+, Network+, MCITP, MCSE, CCNE or Equivalent
• At least 5 years of related experience (should include experience in operating systems, network, and/or application security.)
• Knowledge of network and web-related protocols (e.g., TCP/IP, FTP, HTTP, Telnet, DNS etc.)
• Knowledge of / experience with common security frameworks and / or standards including PCI DSS, ISO27001/2, NIST and OWASP
• Knowledge of Security Protocols and methods (e.g., SSL, SSH, IPSec, PGP, TLS, VPN, etc.)
• Familiarity with state/federal regulations, e.g., NY DFS, HIPAA, SOX, etc
• Strong written and verbal communication skills
• Experience with common Security systems, technologies and/or strategies such as IPS/IDS, VPN, SIEM, network scanners, Firewalls, DLP and Privileged Account Management
• Knowledge of Cloud platforms (Azure, AWS)
• Strong organizational and interpersonal skills
• Superior attention to detail
• Familiarity with domain structures (Active Directory), user authentication concepts (multifactor), and encryption principles
• Position may include travel (up to 25%)
This role will follow a hybrid schedule working in our White Plains office on Wednesday’s and remote the rest of the week.
#LI-JS1
#LI-HYBRID
Salary range: $105,000-$160,000
Overtime eligible: Exempt
Discretionary bonus eligible: Yes
Sales bonus eligible: No
Click here to learn more about our benefits. Starting salary is dependent upon several factors including previous work experience, specific industry experience, and/or skills required.
Recognized as one of Fortune’s World’s Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and volunteerism, supported by the Foundation. We’re proud that due to our mutuality, we operate in the best interests of our policy owners. We invite you to bring your talents to New York Life, so we can continue to help families and businesses “Be Good At Life.” To learn more, please visit LinkedIn, our Newsroom and the Careers page of www.NewYorkLife.com.
Job Requisition ID: 88724