Senior Information Security Analyst Position Available In New York, New York

• Senior Information Security Analyst- On-site NYC
• The Senior Information Security Analyst will be responsible for monitoring the Firm security systems and performing penetration tests of the infrastructure.

Key responsibilities entail daily monitoring activities, including SIEM and other security tools and identification and mitigation of suspicious events, conducting controlled penetration tests, identifying vulnerabilities, and delivering reports with recommendations for mitigation. ell as work on a diverse set of security related projects and responsibilities.

• Essential Duties and Responsibilities:

• Perform real-time security log and event analysis and take action to contain and mitigate information security threats.

The events will originate from SIEM, DLP, IDS, IPS, antivirus, firewalls, system security logs and user reports. + Conduct manual and automated penetration testing of web applications, APIs, networks, cloud environments, and mobile apps. + Simulate real-world cyber-intrusion techniques to identify security vulnerabilities and validate practical exposures/risks. + Develop automation workflows, routines and scripts to support advanced testing efforts and remediation validation + Contribute to red team engagements, threat modeling, and purple team exercises. + Assist in maintaining existing security systems, such as IPS/IDS, Anti-Virus, EPO, SIEM, NAC and other cyberattack detection and analytics tools; assist with security technologies deployment, configuration, troubleshooting, maintenance, patching/upgrading and decommission. + Make enhancements to existing monitoring and security operations and contribute to a Continuous Monitoring program framework.

• Knowledge, Skills, and Abilities Required:

• Strong knowledge of network services, vulnerabilities, exploits and attacks vectors and TTPs (Tactics, Techniques, and Procedures).
• + Proven experience in penetration testing, ethical hacking, or purple teaming.

+ Strong knowledge of OWASP Top 10, MITRE ATT&CK, CVSS, and common exploit techniques. + Proficiency with tools like Burp Suite, Metasploit, Nmap, Nessus, Kali, Bloodhound, or similar. + Familiarity with scripting (e.g., Python, PowerShell) for automation and vulnerability validation. + Understanding of IT infrastructure, networking, system internals (Windows/Linux), and web/application security. + SPLUNK Administrator or Power User considered a plus. + Strong knowledge of server and desktop operating systems, routers, switches, firewalls and other network equipment. + Experience with cloud environments (SaaS, iDP, AWS, Azure, GCP) and cloud security testing. + Knowledge of mobile app security vulnerabilities (iOS, Android) and threat modeling a plus. + Participation in Capture The Flag (CTF) events or offensive security challenges

• Education and Experience:

• Bachelor’s degree in related field or discipline. + Minimum of 7 years of experience in information security. + Certifications such as GPEN, OSCP, OSEP or similar are highly desirable. + CISSP, CISA, CEH, GIAC and other industry certifications considered a plus. + 5 days on site, 170k-185k

• About ManpowerGroup, Parent Company of:

• Manpower, Experis, Talent Solutions, and Jefferson Wells
• _ManpowerGroup® (

NYSE:

MAN), the leading global workforce solutions company, helps organizations transform in a fast-changing world of work by sourcing, assessing, developing, and managing the talent that enables them to win. We develop innovative solutions for hundreds of thousands of organizations every year, providing them with skilled talent while finding meaningful, sustainable employment for millions of people across a wide range of industries and skills. Our expert family of brands -_

• _Manpower, Experis, Talent Solutions, and Jefferson Wells_
• _-_ creates substantial value for candidates and clients across more than 75 countries and territories and has done so for over 70 years.

We are recognized consistently for our diversity – as a best place to work for Women, Inclusion, Equality and Disability and in 2022 ManpowerGroup was named one of the World’s Most Ethical Companies for the 13th year – all confirming our position as the brand of choice for in-demand talent.

ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee’s race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.