Windows Security Engineer

Job Description

About the Position

We are seeking someone with a strong Windows background and exposure to modern platform security controls to join our growing team dedicated to securing the Jane Street Windows estate. You will help secure the Windows platform through a combination of technical hands-on work, advice and direction for the wider Windows team and development of our team specific security program. This will include everything from investigating emerging threats and new red/blue-team tooling, to mitigating vulnerabilities alongside contributing to and developing our IT control framework, policies and playbooks.

In your role you will suggest, design, test, implement and document security controls. You will provide guidance, support and a point of escalation to the broader Windows team while collaborating with the Cybersecurity team. We are looking for someone with good taste and judgment with regards to prioritization of potentially expansive and long running tasks or remediation efforts, where to focus our efforts on mitigation, and in providing advice and decision making where needed.

About you

  • Windows Systems Engineer with experience participating in securing a Windows platform and a track record of remedying complex technical issues.
  • Knowledge of areas such as common Windows vulnerabilities and mitigation methods, countermeasures to common TTPs, OS hardening/best practices, log aggregation and querying methods. An understanding of approaches for securing privileged access within an Active Directory domain and familiarity with common Cybersecurity frameworks also desired.
  • Ideally, hands on experience with Windows Core Infrastructure (AD, PKI, MSSQL, GPO etc), technologies for securing Windows (Auditing and Monitoring, Disk Encryption, Application Control, Host based Firewalls etc) and Endpoint Security (AV, EDR, Vulnerability scanning, patch management).
  • Experience developing guidelines, standards, and procedures which relate to an organizational IT security policy or comfort writing. Powershell is a plus.