Vacancy caducado!
- Bachelor’s Degree in Computer Science, Information Systems, Cyber Security or equivalent related technical field.
- At least 5 years’ experience as a Cyber Security Engineer, or comparable role.
- Certifications in one or more areas or willingness to obtain: CISSP, a GIAC certification (GSEC, GCIH, or other), CEH, ECSA, CompTIA Security+, or comparable.
- Experience with NIST Cybersecurity Framework, NIST 800-53, ISO 27001/27002, CIS CSC Top 20. OWASP, Top 10 and CWE/SANS Top 25.
- Experience supporting regulatory compliance audits.
- Network and cloud security architecture development and definition.
- Demonstrated experience within multiple security disciplines including Network Security, Privileged Access Management, Cloud Security/CASB, Endpoint Protection, Data Loss Prevention, Identify and Access Management, Incident Management and Vulnerability Management.
- Management of firewalls, web application firewalls (WAF), intrusion detection systems, and other network security devices a plus.
- Strong experience in securing Windows and Office 365 environments.
- Administration of SIEM (Security Information and Event Management) platforms, log collection, and tuning.
- Incident Management and Response Planning.
- Experience working with managed security service providers.
- Secure coding practices, ethical hacking and threat modeling.
- Familiarity with third-party audits and cloud risk assessment methodologies.
- Comfortable working with a variety of technologies supporting large scale deployments, troubleshooting solutions issues and proficient in monitoring and investigating security events.
- Strong customer/client focus, with the ability to manage expectations appropriately.
- Support the overall vision and strategy of the Information Security Department.
- Research, evaluate, design, test, recommend and implement of new or updated information security solutions.
- Provide technical expertise for the administration of all security tools.
- Consult with IT staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, software, and business applications.
- Monitor and report on emerging risk and compliance with organizational security policies, including the enforcement of policies within the IT department.
- Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
- Enhance Data Protection and enterprise Data Loss Prevention technologies and procedures for on premise and Cloud Services.
- Enhance controls to secure, manage and monitor Privileged Access.
- Work closely with a "24x7" external cyber threat monitoring service. Maintain and support its on premise detection technology and SIEM.
- Respond to, investigate, and where appropriate, resolve, or escalate reported security incidents. Provide postmortem analysis to illuminate the issues and possible solutions.
- Administer the multi-factor authentication (MFA) and single sign-on (SSO) solutions and continue their integration across various business systems, including SaaS-based platforms.
- Support the Vulnerability Management Program by maintaining its infrastructure and conduct recurring scans of all systems and applications.
- Provide guidance to System Administrators and Application teams to remediate identified vulnerabilities.
- Provide technical guidance, training and documentation covering the usage and impact of security technology.
Vacancy caducado!