Job Description
As a key component of the firms Technology organisation, the Cyber Data Risk and Resiliency (CDRR) departments mandate is to enable the Firm to manage its technology related risks. The CDRR department executes the first line of defence technology risk management capabilities and implements proactive, comprehensive, and consistent risk management practices.
CDRR protects the Firm's information, Endpoint systems, and Infrastructure from cyber and insider threats and ensures the secure and stable delivery of services to our clients. The department delivers a range of operational capabilities, as well as suite of advanced detection, monitoring and analytics, and provides expert advice on secure design, development and control effectiveness.
The Team:
The mission of the Enterprise Security Platform (ESP) team is to implement the Firm's Cybersecurity Strategy by architecting, engineering, deploying, and operating technical security controls and capabilities for the Enterprise. This is achieved by continued focus on architectural rigor, automation, Agile delivery, and adoption of ESP's control implementations by our users and partners.
The Endpoint Security team design, develop and operate solutions that protect desktops, laptops, servers, and cloud resources from malicious internal and external threats by providing additional preventative, detective, and hardening controls and by enabling real-time endpoint detection and response capabilities. Further expanding our controls to cloud platforms (Azure/AWS) has presented an opportunity to join a growing team implementing key security controls for the firm.
Role Profile & Expectations:
· You will be part of a Global (North America, Europe, Asia) cross-disciplined Agile team working towards DevOps practices within the firms Endpoint Security team.
· You will have strong Windows Desktop/Infrastructure/Security knowledge and experience working in very large enterprise on-premises and cloud environments.
· You will have strong analytical and problem-solving abilities, coupled with excellent development, communication, and organizational skills.
· You will be responsible for continuously improving the quality of our technology solutions, through a range of methods including peer review, retrospectives and refactoring as required.
Required Skills:
· 10+ years hands-on Enterprise-class Information Technology experience.
· Strong knowledge of Windows Operating System Endpoint Internals environments of 50,000+ Endpoints.
· Ability to troubleshoot complex Windows environments.
· Experience in working with enterprise class, Endpoint technologies such as Microsoft Defender, Advanced Threat Protection (ATP) for Endpoint, Tanium, CrowdStrike or similar industry technology solutions.
· Competency with any scripting languages such as PowerShell, Python, Perl etc.
· Experience in Design/Engineering/Architecting new solutions from Proof of Concept to Production.
· Have strong interest to learn/work with Cybersecurity technology environments.
Desired Skills:
· Experience with Disk Encryption (e.g. BitLocker) and hardening operating systems.
· Experience with Defender for Cloud Apps.
· Experience with SCCM/In-Tune for software deployment management Splunk for Dashboard reporting/analytics.
· Experience working in a DevOps/SRE aligned team.
· Effective troubleshooting skills across hardware, OS, network, and storage.
· Experience of platform design, build and deployment, with a focus on continual service improvement (CI/CD).
· Experience of working in an Agile environment.
· Experience with Unix/Linux, and MacOS sysadmin a benefit.
· Enterprise security industry certifications (CISSP, SANS, GIAC etc)
Spruce Technology, Inc. is a mid-size, award-winning (Inc 5000, SmartCEO, Entrepreneur of the Year) technology services firm with a steadily growing portfolio of commercial and government clients. Spruce provides innovative technology solutions, specialized IT staff, and IT strategy consulting nationwide. Spruce maintains partnerships with major technology vendors and continually develops leading-edge offerings in service areas such as digital experience, data services, application development, infrastructure, cyber security, and IT staffing.
Spruce Technology, Inc. is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Consistent with the Americans with Disabilities Act, it is the policy of Spruce Technology, Inc. to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process.