Security Engineer

Summary

The Security Engineer is responsible for protecting the security and integrity of Vornado’s enterprise systems, networks, and data. This role works closely with the Network, Infrastructure, and Service Desk teams to maintain and enhance the company’s overall cybersecurity posture.

The Security Engineer manages and improves the effectiveness of enterprise security technologies including endpoint protection, intrusion prevention, vulnerability management, multi-factor authentication, and network monitoring tools. The role also supports the implementation of security policies, manages access controls, responds to security incidents, and ensures compliance with applicable security standards and audits.

This position plays a key role in identifying emerging threats, implementing preventative controls, and recommending security improvements across the organization.

Key Responsibilities:

Security Architecture & Infrastructure

• Design and maintain the enterprise network security architecture.
• Manage and maintain endpoint security platforms including anti-virus, anti-malware, and intrusion prevention systems.
• Oversee web filtering platforms and produce periodic reporting on usage and compliance.
• Manage deployment of critical operating system and security updates.
• Ensure endpoint compliance using Network Access Control (NAC) technologies.
• Implement and maintain secure remote access solutions including multi-factor authentication.
• Manage PC and server security hardening and system lockdown procedures.

Security Operations & Monitoring

• Monitor and respond to security alerts, vulnerabilities, and malware outbreaks.
• Review and analyze security logs across private and public infrastructure.
• Remediate vulnerabilities identified through vulnerability scanning tools.
• Coordinate vulnerability assessments, penetration testing, and security audits.
• Maintain operational effectiveness of network security appliances and tools.

Access Management & Identity Security

• Manage and periodically review user access to applications, file systems, VPN, internet resources, and Active Directory.
• Support identity and access management technologies including SSO, SAML, and enterprise certificate authorities.
• Enforce least-privilege access and security best practices across the environment.

Security Governance & Compliance

• Develop and maintain IT security policies, standards, procedures, and documentation.
• Assist with compliance initiatives and coordination of required industry audits.
• Provide reporting to management regarding the effectiveness of security controls.
• Recommend new security technologies, tools, and processes to improve the company’s security posture.
• Work with technology vendors and service providers to ensure security architecture, integrations, and operational practices align with company security policies and NIST-aligned cybersecurity standards.
• Participate in third-party risk management activities including security reviews, documentation validation, and remediation coordination with vendors.

Security Awareness & Collaboration

• Collaborate with IT teams to ensure an enterprise-wide approach to security.
• Promote and support information security awareness throughout the organization.
• Stay informed on emerging threats and attacker techniques and recommend countermeasures.
• Ensure security policies, procedures, and technical controls align with recognized cybersecurity frameworks such as the NIST Cybersecurity Framework (CSF) and NIST 800-series guidelines.

Operational Responsibilities

• Monitor and prioritize security-related support tickets.
• Participate in after-hours or weekend support as required.

Job Qualifications:

Technical Skills

• Strong hands-on experience with:
  • URL filtering technologies
  • Network Access Control (NAC)
  • Vulnerability scanning and remediation
  • Multi-factor authentication (MFA)
• Experience with:
  • Single Sign-On (SSO) and SAML authentication
  • Enterprise certificate authorities
  • Endpoint security platforms
• Experience securing Windows Server environments.
• Knowledge of security tools used for monitoring, vulnerability management, and threat prevention.

Professional Skills

• Ability to prioritize tasks and work effectively in high-pressure environments.
• Strong analytical, troubleshooting, and problem-solving skills.
• Ability to research and evaluate emerging security technologies.
• Strong communication and collaboration skills.
• Highly organized, detail-oriented, and self-motivated.
• Ability to translate technical requirements into practical security solutions.

Education/Experience:

• Bachelor’s degree in Computer Science, Information Systems, or a related field.
• Minimum 5 years of experience in IT infrastructure, cybersecurity, or related disciplines.
• Experience implementing infrastructure security best practices and procedures.
• Membership in professional security organizations (e.g., ISACA, ISC², ISSA) is a plus.

Compensation

The starting base salary for this New Jersey based position is expected to be between $110,000 and $130,000 annually. Actual salary will be determined based on skills, experience (to the extent relevant) and other job-related factors, consistent with applicable law.

Vornado Realty Trust is not offering relocation for this position located in our Paramus NJ office.

Vornado Realty Trust is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard for race, religion, color, national origin, sex, age, status as a protected veteran, among other things, or status as a qualified individual with disability.