IT Security Consultant - Vulnerability Management in New York, NY at Vaco

Date Posted: 5/16/2019

Job Description

Vaco is a private-equity backed solutions company that provides consulting, managed services, staffing, and placement services globally. Established in 2002 by "Big 4" consulting veterans, Vaco now has over 40 offices and has worked with over 9,000 clients. We have over 6,000 consultants and have been named to Inc. magazine's list of fastest-growing private companies for the past 12 years. Vaco offers boutique services with global reach.

The Vaco Cyber Security team's success relies on the trusted relationships built with our clients. We recognize the challenge organizations encounter in improving security, restructuring operations and handling risk while maintaining compliance and keeping costs down. Our information security specialists work closely with organizations to provide the solutions that best match business and security objectives. As a member of the team, you will have the opportunity to utilize and expand your skills through client experience and industry training while collaborating with security professionals across industries. Our team provides the full spectrum of security services to clients, including Strategy & Advisory, Identity & Access Management, Cyber Security Operations, Managed Services, Governance, Risk, and Compliance.

Looking for an exciting career opportunity in Vulnerability Management Engineering? Instead of being another faceless resume, let Vaco advocate for you! Right now, we are looking to fill a position for our Vulnerability Management Engineering Team. With Vaco, you will have an advantage over your competition! Our recruiters have direct relationships with hiring managers, so they can connect your work experience to the open job, promoting your strengths to the manager while preparing you for that specific interview.

Our recruiters will provide you with great insight about trends in the market, keeping you up to date on compensation expectations, company culture and growth opportunities. If you're experienced and you want to partner with the best, apply today!

Are you interested in improving the cyber risk protection of leading companies? If your response is yes, consider joining Deloitte & Touche LLP's growing Cyber Risk Vigilant Fusion Center. Our Fusion Center analysts and engineers assist our clients with identifying unauthorized activities and intrusions in their networks in real time.

Work you'll do

The Managed Threat Services Engineer position supports the Security Operations Center (SOC) as an advanced escalation point identifying and addressing potential information security incidents. This role is also responsible for supporting architecture changes, tool deployments and advanced content development:

  • Onboard advanced data sources, create new custom parsers, and perform SIEM architecture assessments and design reviews
  • Help define, implement and monitor key risk indicators and key performance indicators (KRIs/KPIs).
  • Keep abreast of latest IT security, regulatory and compliance trends to support, compare and contrast analysis across various risk models. Understand how to take this knowledge and apply it to the SOC.
  • Deliver advisory support and education relating to the SIEM to other technology personnel and to technology management.
  • Assist in Use Case Roadmap development for the client and in updating Use Cases in the UC Repository
  • Advanced Use Case development (Use Case from Roadmap as well as hunting related UCs)
  • Help structure our content development pipelines across clients based on the maturity of the client environments as well as the latest trends in security
  • Review and critique system security plans, network diagrams, and other security documentation as part of vulnerability engagements
  • Develop scripts to simplify data collection and other laborious tasks required throughout the onboarding of log sources
  • Quality review for HLUC, TUC, UC Testing, Parser, Runbooks and other Technical documents
  • Submitting documentation through the QRM process
  • 24/7 on-call support (as needed)
  • Be the central POC for all escalations
  • Managing and providing knowledge transfer to Junior Cyber Security Engineers
  • Coordinate with various technical groups and attend in-person client meetings
  • Build a relationship with the client counterpart (i.e. Lead Security Engineer on the client side)
  • Participation in rotation with the Analysts and SOC Operations Lead as part of training
  • Travel requirement: Less than 10%
  • Location requirement: Work can be done remotely from any location in the US.