Title: Sr Technical Lead-Cybersecurity
Long Description
Job Description – Security Engineer (Hardening, Active Directory & Endpoint Security)
This role is ideal for a security professional with deep expertise in endpoint hardening, Active Directory security governance, and enterprise security configuration management.
Position: Security Engineer
Experience: 10 Years
Location: Flexible / Hybrid / Onsite - NYC, NY
Key Responsibilities
- Implement and maintain server and workstation hardening standards based on CIS Benchmarks and industry best practices.
- Perform security assessments, gap analysis, and remediation activities for Windows and Linux environments.
- Design, configure, and manage Active Directory Group Policies (GPOs) to enforce security controls and compliance requirements.
- Develop and maintain security baselines for servers, databases, and virtual environments.
- Configure and manage endpoint security solutions, including antivirus, EDR/XDR, application control, device control, and encryption technologies.
- Monitor endpoint security posture and remediate vulnerabilities identified through security scans and audits.
- Collaborate with infrastructure and application teams to implement security controls without impacting business operations.
- Conduct security reviews of AD configurations, privileged accounts, service accounts, and authentication mechanisms.
- Support vulnerability management activities, including risk assessment, remediation tracking, and compliance reporting.
- Create and maintain security documentation, hardening standards, and operational procedures.
- Participate in incident response activities related to endpoint and infrastructure security.
Required Skills
- Strong experience in Windows Server and Active Directory Administration.
- Hands-on experience implementing CIS Benchmarks for Windows, Linux, and endpoint systems.
- Expertise in Group Policy Objects (GPOs), security templates, and AD security best practices.
- Experience with endpoint security platforms such as Microsoft Defender for Endpoint, CrowdStrike, SentinelOne, Trellix, or Symantec Endpoint Security.
- Strong understanding of security controls including:
  - Privileged Access Management (PAM)
  - Multi-Factor Authentication (MFA)
  - Endpoint Encryption
  - Application Whitelisting
  - Device Control
- Experience with at least one vulnerability management tool, such as Tenable, Qualys, or Rapid7.
- Knowledge of security frameworks and standards including CIS, NIST, and ISO 27001.
- Scripting experience using PowerShell for automation and security policy deployment.
Preferred Qualifications
- Bachelor's degree in Computer Science, Information Security, or related field.
- Security certifications such as:
  - Security+
  - Microsoft Security Certifications (AZ-500)
- Experience in implementing CIS Benchmark controls.
- Experience in enterprise-scale security operations and compliance environments.
Key Competencies
- Security Hardening & Compliance
- Active Directory Security
- Group Policy Administration
- Server and Database Security
- Vulnerability Management
- Incident Response Support
- Security Automation
- Risk Assessment & Remediation
Area(s) of responsibility
Application Security Analyst
Experience
5 to 7 Years
Job Summary
Looking for an Application Security Analyst to represent Information Security in projects, conduct security reviews, risk assessments, and ensure secure design throughout the project lifecycle.
Key Responsibilities
- Perform security architecture reviews
- Conduct threat modeling and risk assessments
- Review application and cloud security controls
- Provide security recommendations and guidance
- Track remediation of security findings
- Support governance and compliance activities
Required Skills
- Application Security
- Security Architecture
- Threat Modeling
- Risk Assessment
- OWASP Top 10
- NIST, ISO 27001, CIS Controls
- Cloud Security (AWS, Azure, GCP)
- CEH Certification (Mandatory)