Job description
For over half a decade, Hudson Manpower has been a trusted partner in delivering specialized talent and technology solutions across IT, Energy, and Engineering industries worldwide. We work closely with startups, mid-sized firms, and Fortune 500 clients to support their digital transformation journeys. Our teams are empowered to bring fresh ideas, shape innovative solutions, and drive meaningful impact for our clients. If you're looking to grow in an environment where your expertise is valued and your voice matters, then Hudson Manpower is the place for you. Join us and collaborate with forward thinking professionals who are passionate about building the future of work.
Key Responsibilities
• Design, implement, maintain, and continuously improve security controls and capabilities (e.g. IDS/IPS, next-gen firewalls, endpoint protection, SIEM, EDR/XDR, network segmentation, microsegmentation, DLP, WAF, CASB).
• Perform risk assessments, security reviews, threat modeling, architecture reviews, and security design evaluations for new systems, platforms, and integrations.
• Lead efforts to detect, analyze, respond to, and remediate security incidents; perform root cause investigations, forensics, and lessons-learned programs.
• Conduct vulnerability scanning, penetration tests, red/blue team exercises, and ensure remediation tracking and validation.
• Integrate security into DevOps and CI/CD pipelines (DevSecOps) — e.g. static code analysis (SAST), dynamic / interactive scanning (DAST / IAST), container & cloud security, secrets management.
• Develop and tune security detection use-cases, alerts, and analytic rules in SIEM / EDR / UEBA / log platforms.
• Automate repeatable security tasks (e.g. log analytics, threat feed ingestion, alerts triage) using scripting / tooling (Python, PowerShell, etc.).
• Collaborate cross-functionally with network, systems, application, and cloud teams to embed security controls early in project lifecycles.
• Maintain and enforce security policies, standards, baselines, and guidelines (aligned with NIST, CIS, ISO 27001, FFIEC, etc.).
• Mentor and coach junior security engineers, conduct peer reviews, and champion security culture and awareness.
• Keep current with threat actor techniques, emerging vulnerabilities, security technologies, and industry best practices; propose architectural or tool upgrades.
• Participate in audits, regulatory requirements (e.g. internal, external, SOX, PCI, FFIEC), and provide evidence and technical support.
• On-call rotation as part of incident response / escalation.
Qualifications / Experience
• Bachelor's degree in Computer Science, Information Security, or a related discipline (or equivalent experience).
• Minimum of 5-8+ years of experience in information security, with at least 2-3 years in senior or lead-level roles.
• Hands-on experience across multiple security domains: network security, endpoint security, identity & access management, application security, cloud security, etc.
• Strong knowledge of security frameworks / standards (e.g. NIST CSF, NIST SP 800-53, CIS Controls, ISO 27001, FFIEC).
• Experience deploying and configuring security tools: SIEM, EDR, IDS/IPS, WAF, DLP, CASB, vulnerability management platforms.
• Experience in incident detection / response and forensics.
• Proficiency in scripting or programming (Python, PowerShell, Bash, etc.) for automation.
• Familiarity with public cloud environments (AWS, Azure, GCP) and their security controls / tooling.
• Experience integrating security into CI/CD pipelines and DevSecOps practices.
• Strong analytical, problem-solving, communication, and stakeholder engagement skills.
• Professional certifications such as CISSP, CISM, GIAC (GSEC, GCIA, GCIH, etc.), or equivalent are preferred.
• Experience in highly regulated / financial or banking environments is strongly preferred.
Competencies & Soft Skills
• Ability to translate technical security risk into business impact and communicate to leadership.
• Ability to drive change, persuasion, and influence across teams.
• Proven leadership / mentoring and collaborative skills.
• Self-starter, continuous learner, adaptable in a fast-paced environment.
Requirements
• Bachelor's degree in Computer Science, Information Security, or a related discipline (or equivalent experience)
• Minimum of 5-8+ years of experience in information security, with at least 2-3 years in senior or lead-level roles
• Hands-on experience across multiple security domains: network security, endpoint security, identity & access management, application security, cloud security, etc
• Strong knowledge of security frameworks / standards (e.g
• NIST CSF, NIST SP 800-53, CIS Controls, ISO 27001, FFIEC)
• Experience in incident detection / response and forensics
• Proficiency in scripting or programming (Python, PowerShell, Bash, etc.) for automation
• Familiarity with public cloud environments (AWS, Azure, GCP) and their security controls / tooling
• Experience integrating security into CI/CD pipelines and DevSecOps practices
• Strong analytical, problem-solving, communication, and stakeholder engagement skills
• Ability to translate technical security risk into business impact and communicate to leadership
• Ability to drive change, persuasion, and influence across teams
• Proven leadership / mentoring and collaborative skills
• Self-starter, continuous learner, adaptable in a fast-paced environment
