Bloomberg Senior Systems Security Analyst - Systems Security in New York, New York
Job Requisition Number: 57209
As a technology and information services company, we’re committed to the security of all our internal technology and product offerings and our System Security team is trusted with the task. Our mission is to ensure that all of our technologies are designed and developed with the highest degree of security in mind. We sit in the Network Design and Information Security group but collaborate regularly with Bloomberg's CTO, Engineering, and internal technology business units.
What’s in it for you:
On our team you will be an authoritative internal resource in network, host, and third party security. Engineers and system/network administrators will depend on you to ensure correct design, development, and implementation of applications and networks. You’ll review everything from our processes, network design, and access controls to help us make improvements. Using custom tools like protocol analysis, you’ll perform active assessments of custom protocols and large, non-trivial native applications and systems.
We’ll trust you to:
- Communicate complicated technical issues and the risks they pose to engineers, network engineers, system administrators, and management
- Conduct information security assessments from start to finish with minimal assistance or direction
- Help engineers/administrators to develop fixes for issues discovered
- Put information security risks in context in order to help meet business goals
You need to have:
- 5+ years primarily focused on security administration, vulnerability prevention and security assessments
- Performed security assessments of large and real-world applications, systems and/or networks
- Experience overseeing the "fix it" phase of security assessments
- Knowledge of Windows or UNIX internals, especially those relevant to authentication and access control and other facets of security
- Proficiency in at least one scripting language (Bash, Perl, Python, Powershell, etc.)
- Strong Windows or Linux system administration and security assessment skills
- Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.)
- Understanding of low level TCP/IP networking and common protocols such as RADIUS, LDAP, KERBEROS, etc.
- Solid understanding of secure network design
- Experience analyzing network traffic captures using tools such as tcpdump, wireshark, etc.