Windows Security Engineer

We are looking for a Windows Security Engineer with a strong background in Windows Administration and exposure to modern platform security controls to join our growing team dedicated to securing the Jane Street Windows estate. You will help secure the Windows platform through a combination of technical hands-on work, advice, and direction for the wider Windows team and development of our team-specific security program. This will include everything from deploying security controls at scale and investigating emerging threats and new red/blue-team tooling to mitigating vulnerabilities. You will also contribute to developing our IT control framework, policies and playbooks.

In this role you will propose, design, test, implement and document security controls. You will also provide guidance and support, and be a point of escalation to the broader IT team, while collaborating with the Cybersecurity team. We are looking for someone with good taste and judgment with regards to prioritization of potentially expansive and long running tasks or remediation efforts. We’ll rely on you to determine where to focus our mitigation efforts, and provide advice and decision making on behalf of the group where needed.

• Windows Systems Engineer with experience securing a Windows platform and a track record of remedying complex technical issues
• Experience with Powershell or other scripting languages on Windows is strongly desired
• Hands on experience with built-in protection technologies for securing Windows platforms (attack surface reduction, auditing, monitoring and event logging, disk encryption, application control, host-based firewalls, etc.), Windows core infrastructure (AD, PKI, DNS, MSSQL, GPO etc.), and Endpoint Security (AV, AntiMalware, EDR, Vulnerability scanning, Patch Management)
• Knowledge of areas such as: Windows vulnerabilities and mitigation methods, countermeasures to common TTPs, OS hardening/best practices, log aggregation and query methods, securing privileged access within an Active Directory domain  
• Experience developing firm-wide guidelines, standards, and procedures around IT security policy
• Familiarity with common Cybersecurity frameworks is a plus
• Fluency in English required