Lead Engineer, Cyber Security Operations
I. JOB SUMMARY
The Principal Cyber Security Engineer works both independently and collaboratively with developers, project managers, project engineers, systems engineers, and software engineers. The primary responsibility for this individual will be the day-to-day activities/tasks associated with implementing cyber security solutions as they apply to the development and employment of a wide range of products. This includes ensuring adherence to secure engineering practices during the product life-cycle of software and hardware.
II. ESSENTIAL FUNCTIONS
Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions.
- Responsible for management, implementation, configuration, and deployment of Information Security systems such as SIEM, FWs, IDS/IPS, EDR, DLP, AV, etc.
- Security Operations: Configuration and maintenance of security tools, applications, and processes to include next-generation firewalls, endpoint protection, email protection, and log generation, collection, and analysis
- Security Monitoring: Primarily responsible for SIEM security event monitoring, and for creating and tuning custom detection rules
- Threat Management: Analyze threat intel, identify threat vectors, perform threat modeling, and develop use cases for security monitoring and response actions
- Reporting: Creation of reports, dashboards, metrics for security operations based on detected incidents/events
- Contribute to the design, development, and implementation of strategic IT security projects & initiatives
- Work across the organization to provide direction for Information Security initiatives. Assist information owners in identifying and implementing controls to mitigate the threats to the organization's information assets and computing resources. Identify and recommend security solutions to meet the changes in technology and business operations.
- Comprehend large, complex systems through documentation, diagrams, and direct communication
- Act as an advocate for Information Security standard methodologies.
- Consult with IT and business area management regarding their security risks and responsibility in minimizing those risks.
- Represent security concerns with application development teams.
- Conduct application and vendor baseline reviews.
- Stay current with emerging cyber security technologies and industry trends
The above statements are intended to describe the nature of work performed by those in this job and are not an exhaustive list of all duties. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time, which reflects management's assignment of essential functions.
III. MINIMUM EDUCATION, EXPERIENCE, SKILLS
- 6+ years of applicable experience
- Expertise with the technical implementation of security best practices and industry standards, and in-depth knowledge of cyber-attack tactics, monitoring techniques, data protection, and firewall/IPS/IDS management.
- A clear understanding of security engineering, system and network security, security testing, authentication and security protocols, cryptography, networking, and application security
- Experience in setting up and configuring log aggregation utilities, monitoring network and system security logs, working with virtual environments, and assisting infrastructure, development, and security teams to identify, analyze, and resolve issues
- Experience architecting and implementing enterprise-level security solutions for Cloud companies (SaaS, IaaS, etc.)
- Demonstrated ability in critical thinking, enjoy solving complex problems, and excellent analytical, communication, and interpersonal skills
- Experience creating automated processes using well-known frameworks such as PowerShell, Python, Bash, etc.
- Possession of a current industry security certification (GIAC GSEC, SSCP, Sec+, etc.)
- Possess planning, interpersonal, and motivational skills, able to write clearly and succinctly in technical and non-technical formats.
- Experience in root cause analysis, industry benchmarking, survey evaluation and data interpretation is required.
- Ability to establish and maintain multi-functional and positive working relationships.
- Advanced computer skills and proficiency.
- Strong interpersonal and networking skills with a solid ability to work in a team environment.
- Ability to work under stressful and tight deadlines as well as the ability to lead in a fast-paced environment.
- Above average computer hardware and software knowledge.
- Ability to multi-task and discern patterns in detail.
- Think through problems for logical solutions and remain calm and professional under stress.
- Able to work with highly confidential information.
IV. PHYSICAL/MENTAL DEMANDS AND WORK ENVIRONMENT CHARACTERISTICS
The physical/mental demands are representative of those that must be met by an individual to successfully perform the essential functions of the job.
The work environment characteristics described here are representative of those an individual would encounter while performing the essential functions of the job.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Physical/Mental Demands and Work Environment Characteristics:
☒ Ability to organize/coordinate ☒ Comprehend and follow instructions
☒ Direct, control and plan ☒ Independently make quick decisions to solve complex issues
☒ Problem Solve ☒ Analyze/Interpret data and information
☒ Perform with frequent interruptions ☒ Make decisions using sound judgment
☐ Supervise/Manage others
☐ Good eye/hand coordination ☐ Visual Acuity
☐ Use keyboard/computer/phone ☐ Detect/Distinguish smell
☐ Detect/Distinguish hearing ☒ Maintain stationary position
☐ Position self to move ☐ Move/Traverse
☐ Ascend/Descend (climb) ☐ Reaching
☐ Calibrate precise ☐ Ability to safely operate hand tools
☐ Move/Transport [X] lb. ☐ Repetitive movement activities
☒ Regular and predictable attendance
☐ Work around extreme temperatures - cold or hot
☐ Work around noise above conversation level
☒ Work in restricted access to laboratory area
☐ Exposure to dust/gas/fumes/steam/chemicals
☐ Work with Select Agents as defined by the CDC
☐ Work irregular hours that often include nights and weekends
☐ Work in multiple locations
20% travel including internationally