Description
Cybersecurity Engineer
- Lead Cybersecurity investigations and incidents; contain and eradicate Cybersecurity incidents.
- Implement and manage cloud and network security capabilities including, but not limited to, endpoint protection, web filtering, vulnerability management, and incident detection and response.
- Perform strategic and tactical threat management, integrating threat data into vulnerability and risk management capabilities.
- Coordinate with IT Teams in identifying and remediating vulnerabilities.
- Partner with internal IT teams, Managed Security Service Providers (MSSP), Cloud Hosting Providers and other Managed Service Providers to provide Cybersecurity capabilities for a globally distributed workforce.
- Act as subject matter expert and provide consultative support on internal projects related to or involving cybersecurity; participate in secure system design and architecture, providing security requirements and recommendations.
- Manage annual penetration testing and cybersecurity audit commitments.
- Other duties as assigned.
Qualifications:
- Minimum 5+ years of experience in Information/Cyber Security or similar experience.
- Bachelor's degree in Computer Science, or related field of study.
- Security Certifications preferred (CISSP, CEH, CISA, CISM, GIAC, CRISC).
- Understanding of cybersecurity standards and frameworks.
- Hands-on experience in IaaS, PaaS, SaaS, including Identity and Access Management roles.
- Strong understanding of network security techniques, infrastructure threat modelling and secure design, and the OWASP Top Ten.
- Familiarity with various forms of encryption and hashing, and their appropriate use cases.
- Demonstrated knowledge of regulatory requirements (SOX, ISO, and FDA) preferred.
- Prior hands-on experience with UEBA, EDR, ATP, DNS Filtering, PAM & EPM preferred.
- Excellent written and verbal communication skills. Ability to explain technical concepts to technical or non-technical personnel.
- Project ownership experience, specifically in gathering requirements, developing technical project scope, finding solutions, and reporting progress and challenges.
- Ability to independently prioritize multiple competing tasks.
- Ability to participate in occasional off-hours handling of security incidents.
- Must be able to work independently with minimal supervision.
- Availability to support off-hour critical security event