Overview
Cloud Identity Security Engineer III Jobs in New York, NY at Weill Cornell Medicine
Job Information:
BDO is seeking an IT Security Manager who will oversee all aspects of IT security across the Public Sector organization, ensuring compliance with regulatory standards, managing risk, and safeguarding information assets. This role requires an in-depth understanding of industry security frameworks and government compliance requirements, including CMMC, FedRAMP, NIST standards, and STIGs. The successful candidate will lead strategic security initiatives, work collaboratively with IT & business teams, and develop & implement policies to protect our assets.
Job Duties:
Develops, implements, and manages BDO Public Sector’s IT security strategy to ensure comprehensive protection across all assets
Ensures compliance with industry security standards and government regulatory requirements
Oversees and assesses the implementation of security measures across systems, applications, and networks, particularly in relation to Microsoft Government Community Cloud High (GCC High) and Microsoft Azure Government
Conducts regular risk assessments and audits, identifying vulnerabilities and implementing corrective actions, leveraging tools like Microsoft Azure Sentinel and Tenable Nessus
Manages the security incident response process, including investigation, mitigation, and reporting
Collaborates with internal teams and stakeholders to ensure security best practices are integrated into IT and business processes
Develops and delivers training and awareness programs for IT staff and end-users on security protocols
Stays up to date with evolving security threats and compliance requirements to guide proactive security improvements
Conducts social engineering testing
Completes 40 hours of continuous learning annually (may include professional memberships, forums, lunch and learns, roundtables, online training courses, and maintaining certifications)
Prepares and delivers security reports as required
Other duties as assigned
Supervisory Responsibilities:
Oversees and manages security activities including other security personnel
Qualifications, Knowledge, Skills, and Abilities:
Education:
High School Diploma or GED, required
Bachelor’s degree in computer science, cybersecurity, information technology, software engineering, information systems, or computer engineering, preferred
Experience:
Five (5) or more years’ experience with cybersecurity, information technology, software engineering, information systems, or computer engineering, required
Experience supporting a federal government contracting organization, preferred
Experience with a professional services firm, preferred
License(s)/Certification(s):
Certification such as CompTIA Advanced Security Practitioner (CASP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Security Leadership (GSLC), Certified Information Systems Auditor (CISA), or Microsoft Security Architect (SC-100), required
Other certifications addressing security, risk management, security engineering, network security, identity & access management, security assessment & testing, or security operations, preferred
Software:
Proficiency in Microsoft Office Suites (Excel, PowerPoint, and Word), required; advanced proficiency, preferred
Other Knowledge, Skills & Abilities:
Ability to interact effectively with people at all organizational levels within the client organization and in the firm
Excellent verbal and written communication skills
Ability to work independently and collaborate within a team environment and with a customer service focus
Ability to follow instructions as directed
Superior organizational skills with the ability to multi-task in a fast-paced, deadline-driven environment
Ability to advise stakeholders on enterprise cybersecurity risk management
Ability to advise senior management on risk levels and security posture
Ability to create system cybersecurity reports
Ability to collect and maintain system cybersecurity report data
Ability to communicate the value of cybersecurity to organizational stakeholders
Ability to establish the enterprise continuity of operations program
Ability to apply STIG/SCAP to enterprise systems
Ability to determine if vulnerability remediation plans are in place
Ability to develop vulnerability remediation plans
Ability to support cybersecurity compliance activities
Ability to determine if acquisitions, procurement, & outsourcing efforts address cybersecurity requirements
Ability to conduct cybersecurity risk assessments
Ability to integrate black-box security testing tools into quality assurance processes
Knowledge of FAR and DFARS clauses
Knowledge of encryption algorithms
Knowledge of cybersecurity laws and regulations
Knowledge of cybersecurity policies and procedures
Knowledge of cybersecurity principles and practices
Knowledge of cybersecurity threats
Knowledge of cybersecurity vulnerabilities
Knowledge of cybersecurity threat characteristics
Knowledge of access control principles and practices
Knowledge of authentication and authorization tools and techniques
Knowledge of business operations standards and best practices
Knowledge of enterprise cybersecurity architecture principles and practices
Knowledge of risk management principles and practices
Knowledge of vulnerability data sources
Knowledge of incident response principles and practices
Knowledge of incident response tools and techniques
Knowledge of incident handling tools and techniques
Knowledge of information technology (IT) security principles and practices
Knowledge of system threats
Knowledge of system vulnerabilities
Knowledge of new and emerging cybersecurity risks
Knowledge of network attack vectors
Knowledge of hardening tools and techniques
Knowledge of encryption tools and techniques
Knowledge of penetration testing principles and practices
Knowledge of penetration testing tools and techniques
Skills in evaluating security products
Skills in creating system security policies
Join us at BDO, where you will find more than a career; you’ll find a place where your work is impactful and you are valued for your individuality. We offer flexibility and opportunities for advancement. Our culture is centered around making meaningful connections, approaching interactions with curiosity, and being true to yourself, all while making a positive difference in the world.
At BDO, our purpose of helping people thrive every day is at the heart of everything we do. Together, we are focused on delivering exceptional and sustainable outcomes and value for our people, our clients, and our communities. BDO is proud to be an ESOP company, reflecting a culture that puts people first, by sharing financially in our growth in value with our U.S. team. BDO professionals provide assurance, tax and advisory services for a diverse range of clients across the U.S. and in over 160 countries through our global organization.
BDO is the first large accounting and advisory organization to implement an Employee Stock Ownership Plan (ESOP). A qualified retirement plan, the ESOP offers participants a stake in the firm’s success through beneficial ownership and a unique opportunity to enhance their financial well-being. The ESOP stands as a compelling addition to our comprehensive compensation and Total Rewards benefits* offerings. The annual allocation to the ESOP is fully funded by BDO through investments in company stock and grants employees the chance to grow their wealth over time as their shares vest and grow in value with the firm’s success, with no employee contributions.
We are committed to delivering exceptional experiences to middle market leaders by sharing insight-driven perspectives, helping companies take business as usual to better than usual. With industry knowledge and experience, a breadth and depth of resources, and unwavering commitment to quality, we pride ourselves on:
Welcoming diverse perspectives and understanding the experience of our professionals and clients
Empowering team members to explore their full potential
Our talented team who brings varying skills, knowledge and experience to proactively help our clients navigate an expanding array of complex challenges and opportunities
Celebrating ingenuity and innovation to transform our business and help our clients transform theirs
Focus on resilience and sustainability to positively impact our people, clients, and communities
BDO Total Rewards that encompass so much more than traditional “benefits.”
Benefits may be subject to eligibility requirements.
Equal Opportunity Employer, including disability/vets
Title: Cloud Identity Security Engineer III
Company: Weill Cornell Medicine
Location: New York, NY