Cyber Security Engineer
[boston, Ma], Not Specified
Employer: Saxon Global
Industry:
Salary: Competitive
Job type: Full-Time
Title: Cyber Security Engineer
Interview Process: 1-2 rounds
The Cyber Security Engineer will be responsible for day-to-day management of a network security architecture that supports the needs and goals of the SEC. He/she will help plan, implement and support security solutions at multiple locations around the state. After hours availability is required to respond to emergencies and to perform system maintenance that cannot be completed during normal business hours.
Under the supervision of the Security Manager, working individually or as part of a project team, the Cyber Security Engineer will continuously assess security and related risks to the enterprise office locations, assets, and employees and make recommendations for mitigation strategies that will decrease risk. They will assist in maintaining the confidentiality, integrity, and availability of computer workstations, servers, and local area networks.
Experience:
The desired candidate will have significant operational cyber security experience with a background in incident response; project development and management related to planning, implementation and maintenance of security systems and processes; experience with threat modeling; implementation of security controls to protect infrastructure and data; a working knowledge of security domains and security frameworks; experience with SIEM tools, log aggregation and analysis; experience with vulnerability identification, assessment, and management; knowledge of network and traffic analysis; and knowledge of penetration testing techniques.
Primary Responsibilities:
The Cyber Security Engineer will be responsible for all operational aspects of network security engineering: design, implementation, optimization, monitoring, mitigation and troubleshooting of our LAN, WAN, WLAN and DR networks.
• Participate in and often lead investigations pertaining to threat assessment and mitigation for both internal and external threats. o Incident response, remediation and recovery.
o Conduct investigations of anomalies found during audit trail analysis.
o Participate in security related investigations as needed to ensure that policy defined tasks are completed.
• Provide technical support for numerous standalone and network systems to include penetration testing, vulnerability scanning, virus updates, patches, service packs, and hot fixes, policies related to onboarding/offboarding of staff, media controls, and ensuring all security related documentation is notated as required.
• Monitor networks and systems for security issues through the use of various security tools.
• Perform vulnerability scans, analyze results and assist with the remediation as necessary.
• Conduct regular audits to ensure authorized systems are being operated securely and are in compliance with security policies and procedures.
• Monitor access to all information systems and report on compliance with established policies and procedures, relative to the level of potential risk and recommend appropriate corrections.
• With the Security Manager, leverage security best practices to assess, design, test, approve, implement, and support new and existing multi-tier solutions in multiple sites and data centers.
• Create accurate network diagrams and documentation for planning security- based changes, investigating network impact, and issuing resolution procedures.
Technical Qualifications:
Education and Experience
• Bachelor's degree or higher in Information Technology or other engineering or technical discipline and at least 3 years IT experience with a minimum of 2 years Cyber Security Information experience. Four year relevant experience may be substituted with professional certification such as:
• Certified Information Systems Security Professional (CISSP)
• CISA - Certified Information Systems Auditor (CISA)
• CEH - Certified Ethical Hacker (CEH)
• CISM - Certified Information Security Manager (CISM)
• ISSAP - Information Systems Security Architecture Professional (ISSAP)
• ISSEP - Information Systems Security Engineering Professional (ISSEP)
• Certification in Spunk and Enterprise Security Administration
• Strong ability with security policy administration, ACLs, IPS/IDS, port scanning and pen- testing tools.
• Experience in threat management and assessment as it relates to incident response.
• Experience with corporate security risk assessment, analysis and mitigating controls.
• Experience with endpoint security solutions, including file integrity monitoring, white listing, and data loss prevention.
• In depth understanding of NIST SP 800-61, CIS Controls.
• Familiarity with routers, switches, firewalls, load balancers, proxies, accelerators, and wireless technologies.
Interview Process: 1-2 rounds
The Cyber Security Engineer will be responsible for day-to-day management of a network security architecture that supports the needs and goals of the SEC. He/she will help plan, implement and support security solutions at multiple locations around the state. After hours availability is required to respond to emergencies and to perform system maintenance that cannot be completed during normal business hours.
Under the supervision of the Security Manager, working individually or as part of a project team, the Cyber Security Engineer will continuously assess security and related risks to the enterprise office locations, assets, and employees and make recommendations for mitigation strategies that will decrease risk. They will assist in maintaining the confidentiality, integrity, and availability of computer workstations, servers, and local area networks.
Experience:
The desired candidate will have significant operational cyber security experience with a background in incident response; project development and management related to planning, implementation and maintenance of security systems and processes; experience with threat modeling; implementation of security controls to protect infrastructure and data; a working knowledge of security domains and security frameworks; experience with SIEM tools, log aggregation and analysis; experience with vulnerability identification, assessment, and management; knowledge of network and traffic analysis; and knowledge of penetration testing techniques.
Primary Responsibilities:
The Cyber Security Engineer will be responsible for all operational aspects of network security engineering: design, implementation, optimization, monitoring, mitigation and troubleshooting of our LAN, WAN, WLAN and DR networks.
• Participate in and often lead investigations pertaining to threat assessment and mitigation for both internal and external threats. o Incident response, remediation and recovery.
o Conduct investigations of anomalies found during audit trail analysis.
o Participate in security related investigations as needed to ensure that policy defined tasks are completed.
• Provide technical support for numerous standalone and network systems to include penetration testing, vulnerability scanning, virus updates, patches, service packs, and hot fixes, policies related to onboarding/offboarding of staff, media controls, and ensuring all security related documentation is notated as required.
• Monitor networks and systems for security issues through the use of various security tools.
• Perform vulnerability scans, analyze results and assist with the remediation as necessary.
• Conduct regular audits to ensure authorized systems are being operated securely and are in compliance with security policies and procedures.
• Monitor access to all information systems and report on compliance with established policies and procedures, relative to the level of potential risk and recommend appropriate corrections.
• With the Security Manager, leverage security best practices to assess, design, test, approve, implement, and support new and existing multi-tier solutions in multiple sites and data centers.
• Create accurate network diagrams and documentation for planning security- based changes, investigating network impact, and issuing resolution procedures.
Technical Qualifications:
Education and Experience
• Bachelor's degree or higher in Information Technology or other engineering or technical discipline and at least 3 years IT experience with a minimum of 2 years Cyber Security Information experience. Four year relevant experience may be substituted with professional certification such as:
• Certified Information Systems Security Professional (CISSP)
• CISA - Certified Information Systems Auditor (CISA)
• CEH - Certified Ethical Hacker (CEH)
• CISM - Certified Information Security Manager (CISM)
• ISSAP - Information Systems Security Architecture Professional (ISSAP)
• ISSEP - Information Systems Security Engineering Professional (ISSEP)
• Certification in Spunk and Enterprise Security Administration
• Strong ability with security policy administration, ACLs, IPS/IDS, port scanning and pen- testing tools.
• Experience in threat management and assessment as it relates to incident response.
• Experience with corporate security risk assessment, analysis and mitigating controls.
• Experience with endpoint security solutions, including file integrity monitoring, white listing, and data loss prevention.
• In depth understanding of NIST SP 800-61, CIS Controls.
• Familiarity with routers, switches, firewalls, load balancers, proxies, accelerators, and wireless technologies.
Created: 2024-04-20
Reference: SG - 93264
Country: United States
State: Not Specified
City: [boston, Ma]