Job Description :
Job Summary:
The Cyber Security Engineer will provide support to several areas (IT, Compliance, Risk, Privacy, and Cyber Security) and function with little to no supervision needed, in information/data security systems, assessments and tools. This individual will serve as technical support for the Incident Response teams in high priority cyber investigations to solve complex problems in a timely and efficient manner. The incumbent will continuously evaluate the internal/external threat landscape, research and recommend replacement or augmentation of existing tools and capabilities, which will result in reducing risks business systems, data and assets. This position will be responsible for creating and maintaining documentation of processes and procedures, serve as a project leader for cyber security tool selection and implementation projects and function as lead developer for security tool implementations.
Key Responsibilities:
Plan, design, deploy, integrate and maintain IT security systems into corporate and store computing environments including systems used for logging, monitoring, intrusion detection, centralized cyber security knowledge base, and behavioral analysis. Identify, plan, develop and implement automation of routine tasks.
Remediate issues occurring with any IT security systems including but not limited to unexplained system outages, cyber security incidents, issues with data collection feeds or interfaces with external MSSP providers. Collaborate with IT teams to remediate any potential hardware or network issues that prevent detection capability.
Plan, design, develop, deploy, integrate and maintain cyber security tools.
Provide “swat team" style support to Incident Response Analysts by resolving problems of the most complex, technical nature. Ensure investigations remain on track with very aggressive schedules.
Drive solution identification, feasibility analysis, and implementation recommendations for operational service level improvements. Drive implementation projects from inception through completion.
Monitor emerging technology trends and the security risks associated with those technologies. Consult with business units to bring awareness of risks and mitigations so business leaders can make risk-informed decisions.
Monitor new developments in the Cyber Security software/hardware marketplace. Identify new products with potential benefit to the company and conduct in-depth research and analysis of these products.
Demonstrate the applicability of tools in real-world applications using a risk based methodology based on business impact and the threat landscape. Responsible for the evaluation, implementation, and maintenance of purchased hardware/software.
Provide knowledge transfer to team members through meetings, presentations, and written communications and ensure that the centralized knowledge base is up to date. Create, revise and maintain documentation of processes and procedures in the central knowledge base.
Participate in after incident lessons learned meetings to give input on recommendations for additional tools or other mitigations for future incidents.
Track service availability and performance metrics and provide timely updates to management.
1.
Additional Key Responsibilities:
Performs other duties as assigned by management.
Minimum Skills, Knowledge and Abilities:
Bachelor’s Degree in Computer Science, Computer Engineering, IT or a related technical field, or commensurate selection criteria experience.
Minimum of five (5) years of information technology with at least 3 years in IT Security.
Strong familiarity with security standards like the Payment Card Industry Data Security Standard (PCI DSS
Technically knowledgeable in one or more highly specialized areas of security infrastructure.
Proven experience in building or engineering security solutions for the following platforms: open systems, windows, Linux and databases.
Proven experience on both Linux-based and MS Windows-based system platforms with a strong IT technical understanding and aptitude for analytical problem-solving. Experience using SSH to maintain and configure systems remotely.
Demonstrated strong understanding of enterprise, network, system and application level security issues.
Proven experience with system hardening processes, tools, guidelines and benchmarks.
Proven understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security.
Strong team player – collaborate well with others to solve problems and actively incorporate input from various sources. Proven experience leading and motivating team members toward excellence and project completion.
Demonstrated customer focus – evaluate decisions through the eyes of the customer; build strong customer relationships and create processes with customer viewpoint.
Demonstrated analytical skills – continuously defines problems, collect or interpret data, establish facts, anticipate obstacles, and develops plans to resolve; strong problem solving skills while communicating in a clear and succinct manner effectively evaluating information / data to make decisions.
Demonstrated inherent passion for information security and service excellence.
Possess and displays excellent verbal and written communication skills; frequently expresses, exchanges, or prepares accurate information conveying information to internal and external customers in a clear, focused, and concise manner.
Demonstrated self-starter with strong internal motivation. Proven ability to work with little supervision or direction.
Proven ability to work under multiple deadlines with minimal supervision. Cite examples of successfully organizing and effectively completing projects where given little or no direction.
Preferred Minimum Skills, Knowledge and Abilities:
Security-related certifications are not required but are a plus (e.g. CISSP, SANS-GIAC, ISSAP, CISA) as are CISCO Certifications and Microsoft Certifications.