Cybersecurity Engineer

• Establish monitoring and detection mechanisms to identify potential threats, and lead or assist in responding to incidents; Conduct Threat Intel monitoring and act on emerging or confirmed threats
• Conduct vulnerability assessments, penetration testing, and remediation of security weaknesses
• Automate tasks where possible, using scripting and configuration management tools
• Architect and implement security controls, including firewalls, intrusion detection systems, and encryption technologies
• Review of relevant security controls (NIST, SOC, HITRUST, CMMC, etc.) to ensure enterprise compliance; Documents and tracks vulnerabilities and control deficiencies
• Review of applications and enterprise systems to ensure industry best practices and security hardening standards
• Participate in planning and implementation of current and future security domains including those which may introduce new service areas (e.g. Cloud Computing, DevSecOps); Manage Cybersecurity requirements for M&A and integration of new business ventures for the enterprise
• Build, implement and document new locations according to industry best practices and established compliance policies
• Create and maintain documentation as it relates to network configurations/diagrams, network mapping, processes, daily checklists, and service records (Cisco Smartnet renewals, inventory)
• Monitor ITSM tickets and ensure timely response and resolutions within SLAs; Conduct monthly, quarterly, and yearly audits of cybersecurity baselines as required; Develop & maintain hardening standards for all operating systems employed by the enterprise
• Work with Networking and IT Infrastructure to address risks and maintain secure configurations; Work closely with management and team to gather input, diagnose root causes, and resolve problems

Requirements:

• Relevant security certifications such as CISSP, CCSP, CISM, GCIH, CEH, Security+, or CCNA Security, or equivalent certification required. Non-specific vendor cloud certifications are a plus
• 8-10+ years of IT related work; preferred 4+ years in a security related discipline
• Enterprise level Network/System Administration or Engineering experience
• Proficient level of knowledge of Windows and Linux operating systems, networks, and network security technologies (IPS, firewalls, etc.), TCP/IP network communication structure, protocols and processes, internet protocols and connectivity methods, vulnerability scanning, penetration testing and user authentication technologies
• Expert Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST
• EDR Experience: CrowdStrike, SentinelOne, preferred, but others accepted
• Vulnerability Experience: Tenable, ACAS, Rapid7 (any of)
• Cloud Experience: Azure, AWS, GCP (any of)
• Endpoint Configuration: Intune, AD (any of)
• Demonstrated administration of security platforms and security related best practices
• Problem analysis and problem resolution at both an operational and tactical level
• Experience in developing and deploying security specific solutions including the automation of repeatable security tasks and controls
• Experience with security vulnerability and penetration tools, remediation, and processes
• Strong analytical and interpersonal skills