Senior Infrastructure Security Engineer (Permanent – Onsite – New York, NY)

Senior Infrastructure Security Engineer (Permanent – Onsite – New York, NY)

A leading financial firm is seeking a highly skilled and strategic Senior Infrastructure Security Engineer to join their vital Information Security team. This permanent position, based onsite in New York, NY, is absolutely pivotal in strengthening and continuously evolving the company’s robust infrastructure security within a complex, high-stakes, and fast-paced IT environment.

What You’ll Be Doing: Core Responsibilities in Advanced Infrastructure Security

As a Senior Infrastructure Security Engineer, you’ll be at the forefront of designing, implementing, and enhancing the security posture of critical systems. Your role blends deep technical expertise with strategic leadership and cross-functional collaboration, driving security innovation within a demanding financial landscape.

• Collaborate Across Teams to Enhance Security Posture: You’ll be instrumental in collaborating across various teams within the organization to proactively support and continuously enhance the company’s overall security posture. This involves engaging with development, operations, cloud engineering, and other IT departments to embed security throughout the entire system lifecycle, ensuring a cohesive and strong defense strategy.
• Conduct Security Assessments for New and Existing Systems: You’ll regularly conduct comprehensive security assessments for both new and existing systems. This includes meticulously evaluating infrastructure components, applications, and configurations for vulnerabilities, misconfigurations, and adherence to security best practices. Your assessments will identify potential risks and inform remediation efforts.
• Design, Develop, and Maintain Tools for Internal Security Operations: You’ll take a hands-on approach to security by actively designing, developing, and maintaining custom tools that improve internal security operations. This involves automating security tasks, building dashboards for monitoring security metrics, and creating utilities that enhance vulnerability management, threat detection, or incident response capabilities, thereby increasing the efficiency and effectiveness of the security team.
• Lead Strategic Security Initiatives: You’ll spearhead critical and strategic security initiatives that directly shape the firm’s defense capabilities. This includes:
  • Implementing Zero Trust architecture in Linux environments: Leading the design and deployment of Zero Trust principles within the Linux ecosystem, ensuring that no user or device is trusted by default, regardless of whether they are inside or outside the network.
  • Shaping security frameworks for AI infrastructure: Developing and defining robust security frameworks specifically tailored for the unique challenges and risks associated with Artificial Intelligence (AI) infrastructure, ensuring the integrity, confidentiality, and availability of AI models and data.
  • Integrating TLS client authentication into existing systems: Leading efforts to integrate TLS (Transport Layer Security) client authentication into existing systems, enhancing cryptographic security and ensuring mutual authentication between clients and servers.

What’s Needed: Your Foundational Expertise and Advanced Skills

To excel as a Senior Infrastructure Security Engineer, you’ll need extensive experience in infrastructure or site reliability engineering, a strong grasp of security fundamentals, and proficiency in programming.

• Extensive Experience in Infrastructure or Site Reliability Engineering: You must possess 10+ years of verifiable experience in infrastructure or Site Reliability Engineering (SRE), coupled with a strong track record of hands-on security implementation. This extensive background demonstrates your ability to build, maintain, and secure complex, highly available systems at scale.
• Strong Grasp of Security Fundamentals: You’re required to have a strong, in-depth grasp of security fundamentals, including:
  • Protocols: Deep understanding of secure communication protocols such as TLS (Transport Layer Security) for encryption, OIDC (OpenID Connect) for identity verification, and FIDO2 for strong, passwordless authentication.
  • Cryptography: Solid knowledge of cryptographic principles, including encryption algorithms, hashing, digital signatures, and key management best practices.
  • Access Control: Expertise in various access control models (e.g., RBAC, ABAC), privilege management, and securing access to critical resources.
  • Application Security: A thorough understanding of common application security vulnerabilities and remediation techniques, including familiarity with concepts like the OWASP Top 10 web application security risks.
• Proficiency in Programming Language and Modern Development Practices: You must be proficient in at least one programming language (e.g., Python, Go, Java, C++), enabling you to develop security tools, automate processes, and conduct code reviews. This is coupled with familiarity with modern development practices such as DevOps, CI/CD, and Infrastructure as Code.
• Eagerness to Learn and Contribute Beyond Core Responsibilities: You demonstrate a genuine eagerness to learn and contribute beyond your core responsibilities, especially in rapidly evolving and emerging areas like AI security. This proactive mindset and commitment to continuous learning are vital in the dynamic cybersecurity landscape.
• Strong Communication Skills: You possess strong communication skills, both verbal and written, with the crucial ability to explain complex technical concepts clearly to non-technical stakeholders. This ensures that security risks and recommendations are understood across all levels of the organization, facilitating informed decision-making.

What’s In It For You: Impact, Growth, and Exceptional Compensation

This permanent Senior Infrastructure Security Engineer position in New York, NY, offers a compelling environment for professional growth and significant impact within a leading financial firm.

• Exceptional Compensation Package: You will receive a competitive base salary ranging from USD $250,000 to $300,000, reflecting the senior-level expertise and critical nature of this role. This is complemented by a first-year guaranteed bonus, providing immediate recognition for your contributions.
• Comprehensive Benefits: Access a comprehensive benefits package that prioritizes your well-being, including robust health and prescription coverage, generous 401(k) matching to support your long-term financial goals, wellness and family support programs, and charitable donation matching, allowing you to contribute to causes you care about.
• Pivotal Role in Financial Security: You’ll play a pivotal role in strengthening and evolving infrastructure security for a leading financial firm. Your work directly protects highly sensitive data and critical financial systems from sophisticated cyber threats, offering a profound sense of purpose and high-impact contributions.
• Exposure to Complex IT Environment: You will gain extensive exposure to a complex and fast-paced IT environment, challenging your skills and deepening your expertise in securing distributed systems, cloud infrastructure, and cutting-edge technologies.
• Leadership in Strategic Initiatives: You’ll have the opportunity to lead strategic initiatives such as implementing Zero Trust architecture and shaping security frameworks for AI infrastructure, positioning you at the forefront of cybersecurity innovation.