IT Security Manager

PJT Partners - New York, NY3.3

Full-time
IMPORTANT NOTICE: In order to be considered for this position, you MUST attach your resume. Additionally, w e recommend that you do not attempt to apply using Safari; we suggest using Chrome.

Firm Profile:
PJT Partners is a global advisory-focused investment bank. Our team of senior professionals delivers a wide array of strategic advisory, restructuring and special situations and private fund advisory and placement services to corporations, financial sponsors, institutional investors and governments around the world. We offer a unique portfolio of advisory services designed to help our clients realize major corporate milestones and solve complex issues. We also provide, through Park Hill Group, private fund advisory and placement services for alternative investment managers, including private equity funds, real estate funds and hedge funds. To learn more about PJT Partners, please visit the Company’s website at www.pjtpartners.com .

Role Overview:
Reporting to the Chief Information Security Officer, the Information Security Manager is a technical security expert responsible for the security operations of the firm. S/he will have practical experience in developing, coordinating, and executing risk mitigation strategy and tactics. This person will help manage all aspects of the firm’s information security program including policies, access management, vulnerability management, threat analysis and reporting, security event monitoring and alerting, incident management and response, security assessments, security awareness, change control, and vendor risk.

Responsibilities:
Lead the Technology support and managed security services teams in support of all designated security operations and incident response tasks
Ensure information is appropriately secured
Manage and run all security technologies including SIEM, antimalware, and vulnerability assessment scanners
Provide technical guidance to team members in all aspects of technology security
Identify and measure operational risks, and coordinate the response process to minimize risk impact to the firm
Improve existing processes through innovation and operational change
Conduct investigations and after-action reviews to identify areas of improvement
Evaluate existing technologies and identify opportunities for improvement
Identify, document, and communicate technical information security risks in the firm’s information technology resources
Review and approve all IT system, network, and application changes, system patches, and updates according to the firm’s change control procedure
Enforce security policies and best practices as required
Apply detailed technical knowledge and understanding of individual risks and interactions to available defences and countermeasures
Document mitigation strategies and direct appropriate technical teams to implement as required
Review, contain and resolve security incidents and support investigative activities
Monitor and research information sources for zero-day and emerging information security threats and vulnerabilities
Conduct vulnerability assessments and report findings along with recommended solutions to mitigate risks to the firm
Work with security vendors to manage security technologies, and maintain procedure runbooks
Work with internal and external auditors
Interface with external contacts and third parties
Prepare and conduct annual information security awareness training

Qualifications:
We seek to hire individuals who are highly motivated, intelligent, and are proven self-starters. The successful candidate should have excellent communication skills, a demonstrated ability to write effectively, and a desire to work in a team environment. In addition, qualified candidates will possess the following:

Bachelor’s degree in Information Technology, Computer Science, or related field
Minimum 8-10 years of increasing responsibility in information security administration, engineering, and operations management
Must be a self-starter with ability to lead and deliver security projects and initiatives with minimal supervision
3+ years in team leadership and staff development
Must have strong working knowledge of Splunk (or other commercial SIEM), firewalls, and antimalware technologies
Working knowledge and understanding of ISO 27001/2 and NIST Cyber Security Framework (CSF)
Experience in network traffic analysis, incident response, endpoint security, and threat modelling
Experience working in a security operations center a plus
Ability to develop and track key performance indicators (KPIs) and metrics for operational success
Strong written, verbal and communication skills with the demonstrated ability to work with all levels within the organization
Strong organizational, analytical, decision-making and problem solving skills
High level of attention to detail
Ability to work in a fast-paced environment with rapidly shifting priorities and have ability to learn new technology and concepts quickly

Application Instructions:
Complete the PJT Partners On-Line application for the “Information Security Manager - Technology" position through the following link: www.pjtpartners.com/careers/

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, sexual orientation, national origin or any other category protected by law.