Listing Description
Senior Security Engineer
Employer:
Blackstone
Firm Overview:
Blackstone is one of the world’s leading investment firms. We seek to create positive economic impact
and long-term value for our investors, the companies we invest in, and the communities in which we work. We do this by using extraordinary people and flexible capital to help companies solve problems. Our asset management businesses, with over $440 billion in assets under management, include investment vehicles focused on private equity, real estate, public debt and equity, non-investment grade credit, real assets and secondary funds, all on a global basis. Further information is available at www.blackstone.com. Follow Blackstone on Twitter @Blackstone.
Business Unit:
Innovations
Business Unit Overview:
Blackstone Innovations (BXi) is the technology team at the core of each of Blackstone’s businesses and
new growth initiatives. Serving both internal and external clients, we work to build the next generation of systems that manage risk, create efficiency and improve transparency within the firm and across our broad community of investors and portfolio companies. BXi is nimble and entrepreneurial – our open, iterative design processes and rapid pace of development mean that everyone on the team has the opportunity to make an impact from day one. We are problem solvers who can take projects from idea to implementation. We believe in active mentoring and developing excellence. We collaborate to find the best answers for our customers and for Blackstone. We are critical to the firm maintaining its competitive edge.
Risk and Security:
Blackstone has a dedicated team that works across the firm to properly balance security with convenience, believing that securing the firm requires a total team effort. Since information risk and security is 75% about people and process and 25% about technology, the team is dedicated to creating business value through security solutions. User training/awareness programs, development of governance models, transparent metrics, industry leading technologies and innovative approaches are part of Blackstone’s world class information risk and security.
Job Title:
Senior Security Engineer
Job Description:
The Senior Security Engineer provides leadership and hands-on expertise for a diverse set of security
projects including but not limited to threat intelligence, security monitoring, security automation, intrusion prevention, purple teaming and endpoint security. The Senior Security Engineer will identify, evaluate and implement new technologies to improve the organization’s capability to prevent, detect, contain and respond to threats, rapidly prototyping cutting-edge solutions and integrating new data with data from existing systems using available tools and/or custom development.
• Lead and support information security projects by researching, documenting, and assisting with the implementation of security solutions.
• Leverage Blackstone’s threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actor’s capabilities.
• Perform Red/Purple Team exercises to identify and correct gaps in Blackstone’s security monitoring program.
• Leverage Blackstone’s Continuous Testing framework to identify, design and deploy tests for
Blackstone’s security monitoring controls.
• Integrate threat intelligence feeds and sources with Blackstone’s security monitoring infrastructure.
• Support, maintain and enhance Blackstone’s Orchestration and Automation platform
• Design, develop and deploy automation playbooks for automated incident response investigations.
• Identify, procure and prototype new solutions designed to prevent, detect, and respond to threats
• Identify and implement tools to baseline activity and alert or limit suspicious activity and
insider threat among networks, databases, data and users
Qualifications:
• 3-5 years in a hands-on technical role in information security
• Hands-on experience deploying & operating security technologies including devices, networks and systems that prevent, detect & respond to security threats
• Strong understanding of security operations concepts such as perimeter defense, BYOD management, data loss protection, insider threat, kill-chain analysis, risk assessment and security metrics
• Working knowledge of a wide range of current network security technologies such as firewalls, proxies, network and host-based intrusion prevention, DLP, vulnerability
assessment tools, security information/event management, endpoint security, anti-virus/anti- malware, etc.
• Strong understanding of network protocols
• Development/scripting experience: Python and/or PowerShell.
• Working knowledge of Information Security best practices
• Desire to learn new technologies, share best practices, and contribute to the broader shared knowledge of a global infrastructure and security team
• Ability to self-organize, prioritize activities independently, create documentation and
reporting
• Ability to interface with business and technology stakeholders
• Ability to manage stakeholder expectations in the delivery of projects
• Enables creative solutions by stimulating ideas through discussion and collaboration
• Manages uncertainty well – able to assess and act with good enough but imperfect or incomplete information
• Strong written and oral communication skills with the ability to explain technical ideas to
non-technical individuals at any level
• B.S. in Computer Science or Engineering or similar technical program
• At least one active security certification: CEH, OSCP, CPTE, CISM, CISSP or related
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, sexual orientation, national origin or any other category protected by law.• Leverage Blackstone’s threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actor’s capabilities.
• Perform Red/Purple Team exercises to identify and correct gaps in Blackstone’s security monitoring program.
• Leverage Blackstone’s Continuous Testing framework to identify, design and deploy tests for
Blackstone’s security monitoring controls.
• Integrate threat intelligence feeds and sources with Blackstone’s security monitoring infrastructure.
• Support, maintain and enhance Blackstone’s Orchestration and Automation platform
• Design, develop and deploy automation playbooks for automated incident response investigations.
• Identify, procure and prototype new solutions designed to prevent, detect, and respond to threats
• Identify and implement tools to baseline activity and alert or limit suspicious activity and
insider threat among networks, databases, data and users
Listing Details
- Citizenship: Us Citizen
- Incentives: Both
- Education: Bachelors Degree
- Travel: No Travel
- Telework: Optional Telecommute