Request Technology - Craig Johnson

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Windows Server Engineer to administer and enhance the Windows server infrastructure. Candidate will have prior experience designing, supporting, and administering Windows server environment. RESPONSIBILITIES Provide advanced Windows system administration, operational support, and problem resolution for a mixed Windows Server 2012 R2 and 2016 environment Provide break/fix support for Windows Server OS and third-party application issues Troubleshoot hardware and software problems, take appropriate corrective action and/or interact with team members or vendors to work through issue resolution Participate in patching and vulnerability remediation, as needed Adhere to The OCC Change Management process Comply with all audit, compliance, and regulatory requirements Perform other duties as assigned Support On call and weekend work Qualifications In-depth knowledge of Windows Server 2012 R2 and 2016 administration and support Experience with Powershell commands and scripts System administration experience and knowledge of VMware and administration of virtual Servers General working knowledge of NAS, SAN, and networking Active Directory administration experience Software deployment experience through SCCM or similar tools is a plus Vulnerability remediation experience is a plus Five or more years of Windows Server installation, operations, administration, and maintenance of physical and virtualized Servers in an enterprise environment Good communication, analytical, and judgment skills Ability to work effectively with clients, technical staff, consultants and vendors. Ability to work well under pressure and within deadlines

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Windows Server Engineer to administer and enhance the Windows server infrastructure. Candidate will have prior experience designing, supporting, and administering Windows server environment. RESPONSIBILITIES Provide advanced Windows system administration, operational support, and problem resolution for a mixed Windows Server 2012 R2 and 2016 environment Provide break/fix support for Windows Server OS and third-party application issues Troubleshoot hardware and software problems, take appropriate corrective action and/or interact with team members or vendors to work through issue resolution Participate in patching and vulnerability remediation, as needed Adhere to The OCC Change Management process Comply with all audit, compliance, and regulatory requirements Perform other duties as assigned Support On call and weekend work Qualifications In-depth knowledge of Windows Server 2012 R2 and 2016 administration and support Experience with Powershell commands and scripts System administration experience and knowledge of VMware and administration of virtual Servers General working knowledge of NAS, SAN, and networking Active Directory administration experience Software deployment experience through SCCM or similar tools is a plus Vulnerability remediation experience is a plus Five or more years of Windows Server installation, operations, administration, and maintenance of physical and virtualized Servers in an enterprise environment Good communication, analytical, and judgment skills Ability to work effectively with clients, technical staff, consultants and vendors. Ability to work well under pressure and within deadlines

*Position is bonus eligible* Prestigious Global Trading Company is currently seeking a Senior MySQL Database Administrator to expand the DBA team. Company is in the process of a new database buildout, so this role would be demanding with respect to new databases setup in a clustered/highly-available environment. Candidate will coordinate with the systems team for new hardware setup and with various development teams for implementing and optimizing a new DB schema. Responsibilities Build out a clustered, highly-available database environment in MySQL. Setup and support replication across various database instances. Periodic maintenance including backups/restores and version upgrades. Database Monitoring and Alerting enhancements. Support existing relational and time series databases across various data centers. Provide quick response to production issues to help eliminate down time ensuring high availability. Qualifications Experience with MySQL database administration and best practices. Experience in optimized system configuration for a replicated HA setup. Comfortable in the Linux Environment. Experience with bash, python or other Scripting language. Experience in a Financial/Trading environment preferred. Off hours production support for various database instances. Bachelors/Masters in Computer Science or related field.

*Position is bonus eligible* Prestigious Financial Company is currently seeking a Sr. Site Reliability Engineer. Candidate will support the availability and performance of the next generation of Cloud Platform. Enhance system reliability and developer productivity through automation. Provide guidance to development teams in the areas of cloud technologies, application profiling and monitoring, logging, metrics collection and analysis. Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Collaborate with development, operations and infrastructure teams to ensure availability of services, and to work through implementation issues. Develop automation for incident response and to prevent problem recurrence Create and enhance runbooks to respond to service outages or degradations Assess the production readiness of services Define and track operational metrics for production performance, reliability, scalability and availability Develop and maintain shared services and tools to improve reliability and reduce toil across the organization Contribute to the team's continuous improvement through research, retrospectives, discussion groups, code reviews and create stories for the sprint backlog Qualifications: Experience with maintaining and troubleshooting large-scale distributed systems Experience with Agile/Scrum methodology Able to succeed in fast-paced environment with frequent changes Comfortable communicating with both technical and non-technical audiences Experience managing infrastructure in public cloud environments like AWS (preferred), Azure or Google Cloud Platform Experience providing visibility using monitoring and alerting tools like Splunk, SignalFx, AppDynamics, Datadog, StackDriver, Sysdig, Prometheus or Grafana Programming/Scripting experience in languages like Java, Bash, Python or Go Experience with distributed messaging systems like Kafka, RabbitMQ, or ActiveMQ Experience with container orchestration systems like Kubernetes, Mesos, Docker Swarm or Rancher Experience with using Continuous Integration and Continuous Delivery (CI/CD) tools like Jenkins, Travis, Harness, Spinnaker, Appveyor, CodeBuild or CodePipeline. Bachelor's or Master's Degrees in Computer Science, Information Systems or other related field. Or equivalent work experience. Minimum of 3-5 years of experience in Site Reliability Engineering/DevOps

*Position is bonus eligible* Prestigious Financial Company is currently seeking a Sr. Site Reliability Engineer. Candidate will support the availability and performance of the next generation of Cloud Platform. Enhance system reliability and developer productivity through automation. Provide guidance to development teams in the areas of cloud technologies, application profiling and monitoring, logging, metrics collection and analysis. Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Collaborate with development, operations and infrastructure teams to ensure availability of services, and to work through implementation issues. Develop automation for incident response and to prevent problem recurrence Create and enhance runbooks to respond to service outages or degradations Assess the production readiness of services Define and track operational metrics for production performance, reliability, scalability and availability Develop and maintain shared services and tools to improve reliability and reduce toil across the organization Contribute to the team's continuous improvement through research, retrospectives, discussion groups, code reviews and create stories for the sprint backlog Qualifications: Experience with maintaining and troubleshooting large-scale distributed systems Experience with Agile/Scrum methodology Able to succeed in fast-paced environment with frequent changes Comfortable communicating with both technical and non-technical audiences Experience managing infrastructure in public cloud environments like AWS (preferred), Azure or Google Cloud Platform Experience providing visibility using monitoring and alerting tools like Splunk, SignalFx, AppDynamics, Datadog, StackDriver, Sysdig, Prometheus or Grafana Programming/Scripting experience in languages like Java, Bash, Python or Go Experience with distributed messaging systems like Kafka, RabbitMQ, or ActiveMQ Experience with container orchestration systems like Kubernetes, Mesos, Docker Swarm or Rancher Experience with using Continuous Integration and Continuous Delivery (CI/CD) tools like Jenkins, Travis, Harness, Spinnaker, Appveyor, CodeBuild or CodePipeline. Bachelor's or Master's Degrees in Computer Science, Information Systems or other related field. Or equivalent work experience. Minimum of 3-5 years of experience in Site Reliability Engineering/DevOps

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Manager of IT Vendor Management. Candidate leads, manages, mentors, and develops the technology teams across ETP teams including Office of the CIO, business solutions, enterprise architecture and infrastructure teams. Responsibilities: Defines business objectives and tactical operations to achieved defined objectives Engages technical and business teams to ensure the team direction, priority and focus enable corporate success Delivers proactive, business focused IT services that enable rapid business growth and smooth business operations Manages tactical steps Coordinates priorities between the IT department and user departments Oversees technical team in collaboration with vendor and other support teams for problem resolution Continues to seek out opportunities to increase internal client satisfaction and deepen client relationships Qualifications: Bachelors degree and formal education in relevant disciplines (Business, Engineering, Information Systems, Computer Science, Mathematics or relevant degreed) 7+ years related experience in technology management, customer relationship management and staff management Teambuilding/Develops Team Problem Solver Working knowledge of multiple disciplines and technologies Demonstrated and effective leadership skills. Possess a strong work ethic and high level of professionalism with the ability to work in a fast-paced environment. Able to effectively work independently and in a team environment, with staff at all levels, to achieve business goals. Experience managing and mentoring team members Proven track record of managing impediments that exceed the self-organizing capabilities of teams Demonstrates ability to recognize healthy team conflicts and promotes constructive disagreement Showcases abilities to be disruptive enough to enforce a change within the organization Develops an effective action plan to implement change and monitors results Recognizes when change is necessary Understands the power of a self-organization and how to encourage it Ability to lead a team environment with Agile delivery values Extensive knowledge and hands-on management experience in Vendor Management strategies and best practices Ability to collaborate with IT teams and Corporate IT Procurement to integrate Vendor Management into the Strategic Sourcing process Experience in designing and executing vendor performance monitoring, tracking and reporting strategies including vendor score-carding, contractual SLA metric compliance, and issue/grievance resolution Well-versed in key contract terminology and legal language/concepts used in vendor contracts, such as indemnification, intellectual property, force majeure, and amendments/exhibits/SOWs, and understands how they interrelate Experience collaborating with IT stakeholders to establish and facilitate a cadence on Executive Briefings and Operating Reviews Solid grasp of financial concepts, such as depreciation schedules, dollar costing and total cost of ownership Hands-on experience building vendor management dashboards and executive reports that demonstrate the value of the function and celebrate wins and successes Experience in rationalizing the vendor portfolio on an annual basis to ensure focus is maintained on the most strategic vendors

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Pen-Testing Vulnerabilities Security Engineer. Security Red Team testers engage in targeted simulations consisting of threat intelligence gathering, network & application penetration testing, social engineering, physical security testing, mobile device testing, and more. Team members must ensure the availability and integrity of operational systems and self-disclose identified findings in a timely/proactive manner. Candidate will have extensive experience in more than one of the following security testing domains: Open Source Intelligence, Network/Application, Web Application, Mobile Application, and Social Engineering. Experience testing database Servers as well as proficiency with custom Scripting and automation is a huge plus. Responsibilities: Execute Red Team simulations based on organizationally defined threat scenarios with strict adherence to the agreed-upon rules of engagement. Conduct various Red Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Social Engineering, Basic Emissions/Signals Testing, Physical Security Testing, etc. Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits/payloads for use during Red Team activities. Perform security risk assessment, threat analysis and threat modelling. Perform independent reviews of security, network, and applications. Plan/Design/Execute security related activities and create artifacts. Stay on-time, on-budget, and within scope of testing activities. Develop clear detailed reports and recommendations based on concrete evidence. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing and Red Team activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Adhere to the best practices and work for delivering secured and quality products. Consult with technical experts and system owners on all aspects of Information Security and Compliance. Work closely with Production Support staff, Incidence Response, and IT infrastructure to increase organizational security posture. Support security objectives and remediation efforts relating to Security Testing. Supports and successfully completes Audits. Cross-train the other Security Red Team members. Cross-train other teams within Security Services and IT departments to provide subject matter knowledge of a specific adversarial threat/risk, or to assist with remediation path recommendations Participate in Lessons Learned process to provide information to help improve practices, methodologies, tools, and other technologies. Participate on various technical committees and provide input and feedback to department. Stay current on emerging technology trends and the threat landscape. Advise IT on current and emerging threats, their attack vectors, and how to mitigate them. Provide leadership, share knowledge and mentor team members. Train Full time and contingent Security Testing Red Team personnel. Support Security Red Team management and activities and be a team player. Perform other duties as assigned. Qualifications : Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Social Engineering and Open Source Intelligence, Basic Emissions Testing, Physical Security Testing, and more. Proven due diligence and research ability via open source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Strong proficiency in network, application, emissions and physical security. Strong proficiency in social engineering and intelligence gathering. Strong experience with custom Scripting (python, powershell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Netsparker, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Experience with using ServiceNow a plus. BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired.

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Pen-Testing Vulnerabilities Security Engineer. Security Red Team testers engage in targeted simulations consisting of threat intelligence gathering, network & application penetration testing, social engineering, physical security testing, mobile device testing, and more. Team members must ensure the availability and integrity of operational systems and self-disclose identified findings in a timely/proactive manner. Candidate will have extensive experience in more than one of the following security testing domains: Open Source Intelligence, Network/Application, Web Application, Mobile Application, and Social Engineering. Experience testing database Servers as well as proficiency with custom Scripting and automation is a huge plus. Responsibilities: Execute Red Team simulations based on organizationally defined threat scenarios with strict adherence to the agreed-upon rules of engagement. Conduct various Red Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Social Engineering, Basic Emissions/Signals Testing, Physical Security Testing, etc. Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits/payloads for use during Red Team activities. Perform security risk assessment, threat analysis and threat modelling. Perform independent reviews of security, network, and applications. Plan/Design/Execute security related activities and create artifacts. Stay on-time, on-budget, and within scope of testing activities. Develop clear detailed reports and recommendations based on concrete evidence. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing and Red Team activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Adhere to the best practices and work for delivering secured and quality products. Consult with technical experts and system owners on all aspects of Information Security and Compliance. Work closely with Production Support staff, Incidence Response, and IT infrastructure to increase organizational security posture. Support security objectives and remediation efforts relating to Security Testing. Supports and successfully completes Audits. Cross-train the other Security Red Team members. Cross-train other teams within Security Services and IT departments to provide subject matter knowledge of a specific adversarial threat/risk, or to assist with remediation path recommendations Participate in Lessons Learned process to provide information to help improve practices, methodologies, tools, and other technologies. Participate on various technical committees and provide input and feedback to department. Stay current on emerging technology trends and the threat landscape. Advise IT on current and emerging threats, their attack vectors, and how to mitigate them. Provide leadership, share knowledge and mentor team members. Train Full time and contingent Security Testing Red Team personnel. Support Security Red Team management and activities and be a team player. Perform other duties as assigned. Qualifications : Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Social Engineering and Open Source Intelligence, Basic Emissions Testing, Physical Security Testing, and more. Proven due diligence and research ability via open source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Strong proficiency in network, application, emissions and physical security. Strong proficiency in social engineering and intelligence gathering. Strong experience with custom Scripting (python, powershell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Netsparker, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Experience with using ServiceNow a plus. BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired.

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking an Identity and Access Management Engineer with ForgeRock experience. Candidate will be integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational support in Identity and Access related functions. Responsibilities: Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Qualifications: Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelor's degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking an Identity and Access Management Engineer with ForgeRock experience. Candidate will be integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational support in Identity and Access related functions. Responsibilities: Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Qualifications: Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelor's degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking an Information Security Infrastructure Architect. Candidate will be responsible for working with our organization's Technology team, project teams and Information Security Operational Line teams. Candidate will architect and design secure infrastructure, business systems and overall solutions for IaaS, PaaS, and SaaS. Responsibilities: Function as the team's Infrastructure subject matter expert (SME) Collect, interpret, evaluate, and validate business requirements, functions and processes associated with assigned projects Work with the Project Team's solution architects and technical team members to develop security solution architectures that are in compliance with the organization's InfoSec policies, standards, non-functional requirements, reference architectures and patterns Identify security risks and provide recommendations, solutions, and options to best mitigate those risks Have a thorough understanding of industry standard InfoSec control frameworks such as ISO 27001/27002, NIST, and CIS The ISA Tech Lead shall understand the concepts and practical application of the following foundational security architecture, design and operational principles and practices across the technology stack: Identity and Access Management, Network Security, Server and Client Endpoint Security, Data Security, Cryptography, Application Security, Mobile device security and Vulnerability Management. Able to translate the foundational security architecture, design and operational principles and practices above to cloud environments Cloud Security (IaaS, PaaS, and SaaS) across cloud platforms such as AWS (must have), Google (desired) and Azure (nice-to-have) This role provides oversight, consultation, advisory, controls design, compliance framework adherence and patterns documentation to the benefit of IT and the businesses. Qualifications : 8-10 years of information technology experience, preferably within the financial services and/or mortgage industry BA/BS degree in Computer Science, Information Systems or a related technical field, or the equivalent combination of education and experience 4 years of experience as an Information Security Professional, preferably within the architecture or engineering practices 3 years of experience as an InfoSec Solutions Architect 1-2 years of experience in the application of Information Security Architecture in a cloud environment (Amazon Web Services is a must) Technical, working knowledge including: Agile project methodologies Active Directory Federation Services and other federated technologies (Ping, Okta ) Virtual Machines (OSP, VMWare, AWS AMI ) Application vulnerability scanning SDLC Pipeline automation security Containerization Next Generation Firewalls External Secure Web Gateways and CASBs Network and Host-based IDS/IPS CISSP (+ ISSAP), CCSP - preferred AWS Certified Solutions Architect (Associated, Professional) - preferred Google Professional Cloud Architect - preferred SABSA (F1 & F2 minimum) are a plus

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a Cloud Azure O365 Cloud Architect. Candidate is responsible for designing the various cloud platforms in conjunction with on-prem services supporting the multiple application stacks that run the business. Provides subject-matter-expertise for current and future planning, technical architectures, models and standards. Working closely with the other members of the architecture team to ensure a cohesive enterprise technology strategy and direction. Responsibilities: The Cloud Architect establishes and leads the technology strategy and technology roadmaps that enable the business. They maintain enterprise level architecture through the stages of planning, design and execution of all new platform buildouts that support our application strategies. Lead, develop, and socialize the design, development, and deployment of solutions for cloud migration, application migration, and cloud data security. Ensure cloud solutions/deployments are in line with the enterprise architecture strategies and standards across business, data, application, infrastructure, network, and security spaces. Review existing architectures to identify technical deficiencies, design gaps, new opportunities, and create actionable recommendation for cloud migration and enhancements. Listening, drawing out key concepts and articulating advanced technical and non-technical concepts with ease (both written and oral formats) to customers, peers and management at several levels and across the organization with minimal oversight. Proceeds from concept, to design, to leading the implementation of complex, medium to large scale projects. Ability to balance the long term big picture and short term implications of decisions. Ability to solicit input from internal and external sources, including the ability to investigate and incorporate best practices from other corporations, experience and sound judgment. Shares best practices, lessons learned and constantly updates the technical system architecture requirements based on changing technologies, and knowledge related to recent, current and upcoming vendor products and solutions Collaborates with other members of the Kirkland management staff and contributes to manager meetings, quarterly summits, etc Does "whatever it takes" to support the tactical and strategic goals of the team and in the Firm. Qualifications: BS in Engineering, Information Technology, or equivalent work experience. 10+ years general technology experience, Law firm experience a plus 3+ years high level cloud infrastructure design Extensive In-Depth knowledge in public, private, and multi-cloud/hybrid environments (Azure, AWS, Google Cloud Platform) and migrating on-premise application and services to those platforms. Experience with containerization solutions and orchestration platforms, both on-premise and cloud based. Docker, Rancher, Kubernetes, Azure Kubernetes Service. Strong knowledge of templating and automation Scripting such as Power-Shell, Chef, Ansible, and Puppet Strong working knowledge of LAN/WAN/SDWAN concepts as they relate to hybrid environments Experience with building and maintaining high-availability (>99%) environments Strong understanding of Active Directory and Group Policy Strong knowledge of Windows and Linux server technologies Excellent analytical and organizational skills and attention to detail Excellent communication (verbal and written) skills in preparing reports, presentations and documentation. Demonstrated ability to work independently and troubleshoot problems with speed and efficiency is required. Ability to travel (domestically and internationally) as necessary Certification: Technical certifications (eg, Microsoft MCSA/MCSE; Azure Solutions Architect.) a plus.

*We are unable to sponsor for this permanent Full time role* *25% Onsite as needed, must be local to area* Prestigious Institution is currently seeking a Healthcare Application Support Manager. Candidate will be responsible for leadership and management of the Application System Administrators team, delivering technical excellence, project management, and support. The manager will create a collaborative, supportive environment which focuses on a professional application support culture within the team. Manages and directs application staff toward timely and efficient completion of incidents and project tasks. Oversees application portfolio and life cycle management to ensure user needs are met and systems are compliant. RESPONSIBILITIES Supervises and is responsible for assuring that assigned Application Support Staff promote customer service excellence as established by the Vice President of IT & CIO. Participates in the hiring and evaluation processes. Recommends and carries out disciplinary action when needed. Responsible for the IT system management of 95+ applications including RightFax, Rauland R5 Nursecall, Cbord, POS systems, Xper, OnBase, Echo Medical Credentialing, various Cardiology support systems, and iSupport. Prioritizes and assigns tasks to assigned staff and assures they are completed within the required time frames, according to the established schedules and priorities. Monitors projects and tasks, keeping management informed of status. Participates in planning, development, and implementation of IT goals. Mentors assigned staff to utilize departmental tools and systems. Performs other duties as assigned or as may be required to meet emergency situations. Enforces policies and procedures established as hospital standards during the execution of assigned staff's duties. Keeps IT Management and end users as appropriate abreast of issues impacting performance and system capacity along with recommendations for corrective action or planning. As the need arises, assumes the lead role for downed systems and/or critical system issues; responsible for timely escalation, team collaboration, departmental and end user communication, and overall management of the situation. Works closely with customers and IT staff from various departments to disseminate and coordinate planned application downtime events. Coordinates the training and documentation for the Application Support Staff with regard to new and existing technologies. Tracks application service requests, coordinates assignments, and audits the work completed to ensure issues are resolved to the customers' satisfaction and within the service level agreement timeframes. Escalates issues to the IT Management Group as necessary. Responsible for application life cycle management and ensuring the Application Portfolio is kept up to date. Makes budget recommendations based on application needs. Builds and continually adds to the IT knowledge database. Mentors, assists, and shares learned knowledge and skills with fellow IT members. Responsible for a collaborative work team to ensure positive working relationships. Follows and adheres to the Project Management methodology as defined by the Project Management Office. QUALIFICATIONS Bachelors Degree in Computer Science or related required. 7-10 years of demonstrated hospital operations experience with extensive knowledge in ancillary, nursing administrative business processes. Minimum of 5 years supervisory experience including hiring, performance management, salary administration. Knowledge of various Operating System platforms a plus. Knowledge of desktop technology a preferred. Demonstrated experience in leading/directing team members. Demonstrated experience in project management. Strong project management, analytical, written, and presentation skills. Strong interpersonal skills and the ability to work collegially and collaboratively with all levels and functions with the company to foster partnership and teamwork. Analytical and reporting skills, including the ability to create reports and statistics from various databases using reporting tools/software a plus.

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Disaster Recovery Analyst. Candidate will focus on enabling the IT Disaster Recovery process and providing expertise in D/R concepts, plan authoring, validation and testing of critical systems. The role is highly focused on the development, delivery and maintenance of technical and complex Ransomware planning and the support of simulation tests and tabletop exercises. Responsibilities Coordinates with various information technology and business groups to identify critical systems and dependencies, and the potential vulnerabilities and risks that could result in catastrophic impact. Coordinates and executes Ransomware Rebuild simulation tests, documents results recovery time capabilities, issues, and resolutions through post-testing analysis. Serves as tertiary back-up during tabletop exercises or actual catastrophic disaster recovery or business continuity events. Gather and analyze data Interpret gathered data Submit reports to the relevant department heads and management Find patterns and trends in the analyzed data Help management and other teams achieve business goals and needs Formulate procedural manuals if required Track and reconcile data Supports the execution of a specific IT process (ie Vendor Management, Asset Management, Telecommunications, Business Applications, Service Delivery, etc.) in response to business needs and requests. Define, track and monitor KPIs Identify and mitigate risks Collaborates with business and IT stakeholders to identify, analyze, understand and prioritize activities by business value and urgency. Develops consultative partnerships with internal teams and leaders to understand their strategic objectives, key performance indicators and reporting requirements. Supports communications, meetings, and other collaborations as appropriate to effectively perform work and to understand, resolve, and/or mitigate risks, issues, obstacles, and conflicts Collaborate cross-functionally to enhance overall delivery of reporting across the business units and within the department. Establish and collect KPI to measure business value delivered by projects and solutions. Analyze and interpret information for planning and control purposes. Present to leadership recommendations on opportunities Qualifications Bachelors Degree in Information Technology, Computer Science or equivalent work experience Proven experience within the disaster recovery field 3+ years leading medium to complex multi-million-dollar systems development programs 3+ years of experience with Disaster Recovery Planning Software and tools Strong understanding of Ransomware recovery and architectural of Isolated Recovery Environments Subject matter expertise in IT Disaster Recovery with a minimum of 3 years of Disaster Recovery experience 7+ years of experience in an Information Technology discipline 5+ years of experience with developing/testing recovering strategies for cloud (IaaS/SaaS) based applications Working knowledge of recovery tools such as SRM and Zerto Strong project manager skills with 5+ years of hands on experience 5 + years of experience with automation and orchestration tools for recovering applications at alternate locations Experience developing business impact analysis documents Strategic mindset to lead recovery strategy planning efforts Demonstrated ability to coordinate complex integrated disaster recovery exercises Thorough knowledge of data management in order to assist in the preparation of recovery procedures Strong ability in building effective relationships with clients and colleagues

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Cloud Solutions Architect. Candidate will provide subject matter expertise for infrastructure architecture for Cloud native applications. Implement best practices for designing such infrastructure. Responsibilities Provide technical guidance to other team members for the design, implementation, and support of infrastructure and cloud architecture and automation technologies. Act as a subject matter expert o the organization for cloud, automation, and end-to-end architecture for cloud infrastructure solutions. Maintain overall industry knowledge on the latest trends and technology and demonstrate forward thinking around how technology can support the organizational direction. Design, configure, implement, and support a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code. Enable DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka, and container management systems. Participate in cloud computing environment buildouts, software installation, maintenance, and support. Provide technical guidance to junior team members. Create procedural and troubleshooting documentation related to cloud native applications Perform other duties as assigned Qualifications: Deep technical knowledge and experience working with complex IT environments including applications, Middleware, storage, networks, information security and operations. Hands on experience with agile, devops and CI/CD. Systems administration and change management practices Message-oriented technologies such as Kafka Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools such as Artifactory, Jenkins, and GIT Cloud native applications, including Terraform experience Technologies used to support microservices Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies Bachelor's degree in a related area 7-10 years of related experience Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting enterprise monitoring technologies Cloud Certification is a plus

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Cloud Solutions Architect. Candidate will provide subject matter expertise for infrastructure architecture for Cloud native applications. Implement best practices for designing such infrastructure. Responsibilities Provide technical guidance to other team members for the design, implementation, and support of infrastructure and cloud architecture and automation technologies. Act as a subject matter expert o the organization for cloud, automation, and end-to-end architecture for cloud infrastructure solutions. Maintain overall industry knowledge on the latest trends and technology and demonstrate forward thinking around how technology can support the organizational direction. Design, configure, implement, and support a fully automated workflow for provisioning and maintaining a complex, highly available cloud environment using infrastructure as code. Enable DevOps development activities and complex development tasks that will involve working with tools such as Docker, Kafka, and container management systems. Participate in cloud computing environment buildouts, software installation, maintenance, and support. Provide technical guidance to junior team members. Create procedural and troubleshooting documentation related to cloud native applications Perform other duties as assigned Qualifications: Deep technical knowledge and experience working with complex IT environments including applications, Middleware, storage, networks, information security and operations. Hands on experience with agile, devops and CI/CD. Systems administration and change management practices Message-oriented technologies such as Kafka Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools such as Artifactory, Jenkins, and GIT Cloud native applications, including Terraform experience Technologies used to support microservices Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies Bachelor's degree in a related area 7-10 years of related experience Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting enterprise monitoring technologies Cloud Certification is a plus

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Principal CyberArk Access Control Engineer. Candidate will be responsible for designing, developing, and integrating Identity and Access Management, Governance and Privileged Access systems and solutions. Responsibilities include but are not limited to identifying, analysing, and resolving systems design weaknesses, prioritizing troubleshooting efforts, and pinpointing resolutions to complex issues surrounding access to systems. Other responsibilities may include monitoring and maintenance of IAM systems, training and communication of (IAM) processes, and advising on IAM solutions and best practices. Job focuses on gathering and interpreting data, documenting business requirements, defining, and documenting processes (process flows/swim lanes), and standardization of data and processes. Must have the ability to analyze internal and external risk, proposing/solutioning best practice in all Identity Access Management functional areas. Identify and design opportunities to automate, streamline, and standardize data and or processes to meet or exceed security standards and policies. Creates business requirements documents and create a functional specs for use in building a technical solution through configuration or coding as the individual progresses through the job levels. This position will also assist in the execution of the corporate information security strategy, work to meet security objectives and respond to company-wide identity security issues and events. RESPONSIBILITIES Lead the development of information security standards and procedures for IAM Collaboration with other teams and business partners regarding Identity and Access Management best practices for both on premise and cloud-based solutions for employees, contractors, partners and customers Serve as Access Control advocate for incident response program Formulate documentation Create functional specs based on requirements gathering Point of contact for IAM project objectives and scope deliverables Submit reports to the relevant department heads and management Identify authorization and authentication risks, define mitigation plan QUALIFICATIONS Bachelors degree in related field or equivalent experience 5 or more years of experience in Identity Access Management and Governance Working experience with Azure and Active Directory Relevant industry experience with a technical background Ability to find patterns and trends when analysing data Experience with Project Management methodology Ability to work effectively with technical and non-technical personnel in a cross-functional setting Strong balance of business acumen and technology knowledge Stay current on trends and current identity threats and make recommendations to leadership on mitigating strategies Understand, communicate, and reinforce standard process concepts and methodology within the ETP organization Possess analytical, quantitative analysis skills to provide insights into performance and efficiency opportunities Ability to communicate with key stakeholders

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Principal CyberArk Access Control Engineer. Candidate will be responsible for designing, developing, and integrating Identity and Access Management, Governance and Privileged Access systems and solutions. Responsibilities include but are not limited to identifying, analysing, and resolving systems design weaknesses, prioritizing troubleshooting efforts, and pinpointing resolutions to complex issues surrounding access to systems. Other responsibilities may include monitoring and maintenance of IAM systems, training and communication of (IAM) processes, and advising on IAM solutions and best practices. Job focuses on gathering and interpreting data, documenting business requirements, defining, and documenting processes (process flows/swim lanes), and standardization of data and processes. Must have the ability to analyze internal and external risk, proposing/solutioning best practice in all Identity Access Management functional areas. Identify and design opportunities to automate, streamline, and standardize data and or processes to meet or exceed security standards and policies. Creates business requirements documents and create a functional specs for use in building a technical solution through configuration or coding as the individual progresses through the job levels. This position will also assist in the execution of the corporate information security strategy, work to meet security objectives and respond to company-wide identity security issues and events. RESPONSIBILITIES Lead the development of information security standards and procedures for IAM Collaboration with other teams and business partners regarding Identity and Access Management best practices for both on premise and cloud-based solutions for employees, contractors, partners and customers Serve as Access Control advocate for incident response program Formulate documentation Create functional specs based on requirements gathering Point of contact for IAM project objectives and scope deliverables Submit reports to the relevant department heads and management Identify authorization and authentication risks, define mitigation plan QUALIFICATIONS Bachelor's degree in related field or equivalent experience 5 or more years of experience in Identity Access Management and Governance Working experience with Azure and Active Directory Relevant industry experience with a technical background Ability to find patterns and trends when analysing data Experience with Project Management methodology Ability to work effectively with technical and non-technical personnel in a cross-functional setting Strong balance of business acumen and technology knowledge Stay current on trends and current identity threats and make recommendations to leadership on mitigating strategies Understand, communicate, and reinforce standard process concepts and methodology within the ETP organization Possess analytical, quantitative analysis skills to provide insights into performance and efficiency opportunities Ability to communicate with key stakeholders

*We are unable to sponsor for this 6+ Month Contract role* Prestigious Enterprise Company is currently seeking a ForgeRock IAM Administrator. Candidate is responsible for the implementation and support of new security solutions. Responsibilities: Access troubleshooting and production support as needed in all systems across the enterprise especially related to Active Directory, IAM, Privileged ID Management, and SAML technologies Demonstrates an advanced understanding of troubleshooting and configuring Drivers, Privileged ID Management, and SAML SSO integrations. Has an advanced understanding of enterprise workflows enabling them to perform advanced troubleshooting and create advanced workflows. Building, releasing and importing Identity Access related changes. Understanding of Cloud solution best practices and integration techniques Researches, evaluates, designs, tests, recommends and plans the implementation of new or updated information security technologies Installation and configuration of ForgeRock Implement target system integration with ForgeRock Troubleshoot and support ForgeRock based applications and systems Document technical design, configuration and customization specification documents Perform functional and technical requirements gathering and analysis for an enterprise wide identity & access management program. Qualifications: 2+ years of experience in implementing enterprise ForgeRock 5 years of experience in Information Technology and SDLC processes, Excellent written and verbal communication Work well under pressure and timelines to produce results Analytical skill set and insight for connecting the dots when troubleshooting application issues via error messages, log reviews and anecdotal details provided.

*We are unable to sponsor for this permanent Full time role* Prestigious Enterprise Company is currently seeking an Information Security Engineer. Candidate is responsible for maintaining and implementing the cybersecurity infrastructure and program. This position will work very closely and collaborate with other technical teams to respond to threats as well as on a daily basis to maintain the security posture of the environment. Responsibilities: This position works on highly complex projects and maintains knowledge across multiple domains (networking, server, end points, mobile, cloud, etc.). The Information Security Engineer has a thorough understanding of network defense technologies, TCP/IP Networking, Active Directory, DHCP, DNS, network security monitoring tools, secure engineering principles and technical security testing. This is a hands-on role which will be involved in patching, maintaining Firewalls, scanning for vulnerabilities, keeping current on the latest security threats and trends, and reviewing technical architecture for security compliance. This individual will be regarded as an expert in all things cybersecurity related. Qualifications: Bachelor's Degree in Business, Computer Science or related field. 3-5 years of enterprise IT security engineering experience. CISSP preferred. Must possess expert understanding of Information Technology, Information Security, and Risk Management. Knowledge of security and control frameworks, such as ISO 17799, COBIT, and NIST CyberSecurity Framework. Systems Security Certified Practitioner (SSCP), CompTIA Security+, or GIAC Security Essentials Certification (GSEC) certification required or must be obtained within 2 years of hire. Experience with ProofPoint, Cisco AMP, SpecOps and other industry standard security tools. Experience with Palo Alto Firewalls Advanced knowledge of Network Security Advanced knowledge of Endpoint Security Advanced knowledge of Server hardening, patching, and base-lining Advanced knowledge of Mobile device security Advanced knowledge of Data Loss Prevention Advanced knowledge of IDS/IPS Advanced knowledge of Log analysis Skilled Critical Thinking Cisco ISE or NAC experience desired Keeps current on emerging threats and mitigation strategies. Scripting (Python, Perl, Powershell) knowledge preferred.