Job
Description
As IT Cybersecurity Engineer and member of the Chief Information Security Officer (CISO) organization you will support the security of the company products and infrastructure. You will use your knowledge of concepts, technology and tooling to ensure the security of the company s and our client s critical information. This will include participation in the maintenance and monitoring of security tooling, investigation of security incidents and support company and client audits. You will interface with the business and functional leaders in development, operations, information technology and other stakeholders to promote and support a secure environment. Essential Job Duties Provides technical leadership, advice, guidance and perform IT Cybersecurity related activities. Works under limited supervision and in conjunction with team members with the objective to ensure a secure and compliant environment. Manage day to day security tools such as Vulnerability Management, Data Loss Prevention, File Integrity Monitoring, Encryption, Key Management, Intrusion Detection, etc. Work with various technology teams to ensure tool sets used to detect infrastructure security issues are deployed on all necessary platforms. Research new security trend and provide recommendation to support increased security protection for our environment. Defines objective and implements complex solutions related to IT Cybersecurity. Accountable for project results, timing and productiveness in delivery activities. Provide technical expertise in Information Technology and on Security products with hands-on experience. Assist with data protection initiatives and other programs as necessary Participates in the internal and external audit program to demonstrate security procedures and tools to assure ongoing compliance. Participates in activities related to the corrective and preventive action process. Recognizes problems related to project objectives and applies sound judgement when addressing the issues. Independently generates solutions based on analytical skills and business knowledge . Pursues a program of self-development using selected reading, seminars, and participation in continuing education. Performs all duties and responsibilities as required by the company Security Policies and Procedures. Identifies and communicates possible improvements in the work process for customers and peers. Performs other duties as assigned by immediate supervisor or upper management Required Qualifications Bachelor s degree in a scientific or technical discipline required 2+ years of technical, hands-on proficiency in multiple cybersecurity competencies ( e.g. network security, systems security, application security, security operations) 2+ years experience performing security technical testing or technical controls validation including documentation of testing methods and results Knowledge and experience implemented Vulnerability Management process to include configuration and scanning, reporting, and the remediation process Defender Endpoint Detection and Response knowledge and experience Knowledge of security controls related to infrastructure technology including enterprise storage (NAS/SANS), Windows and Linux Operation systems, ESX VMware, etc Knowledge using SIEM products (e.g., Splunk, Sumo Logic) to collect data and investigate anomalies Microsoft 365 Office Message Encryption (OME) knowledge and experience Experience in Security administration of cloud (Azure security) Knowledge of security standards and controls (e.g., NIST, CIS etc ) Proactive awareness of emerging cybersecurity threats and technologies Detail oriented with strong verbal and presentation skill Demonstrated proficiency with executive level presentations and status reporting Excellent interpersonal, communication, and negotiation skills Effective research and analytical skills Effective written and oral communication, technical writing and editing skills Ability to work independently with minimal supervision Preferred: Security related certification ( i.e. Security+, CISSP, GIAC, etc ) Experience implementing security controls to meet requirements of various security and privacy related standards and regulations such as SOC I/II, ISO 2700x, HIPAA, GDPR, HITRUST, etc
