Cybersecurity Engineer

Greetings!

We at Coforge are seeking Cybersecurity Engineer with the following skill-set to join our growing team

Workplace type: Always Work from Office

3 cybersecurity roles (GRC ; Systems, Automation & Logging ; Network & Systems)

Engineer, Cybersecurity- GRC Fort Worth, TX

Description:
Focus: Risk, Governance, Vulnerability Management, Policies, and Standards
Engineer, GRC & Assessments (ANSP Program)
FOCUS
Ensure secure aircraft, ground, and communications systems relied upon for our ANSP Program, with concentrated attention towards risk, governance, vulnerability management, policies, and standards.

RESPONSIBILITIES
Develop and implement security policies and standards, ensuring compliance with industry regulations and best practices.
Conduct risk assessments and vulnerability assessments to identify1 and mitigate security risks.
Manage the vulnerability management program, including vulnerability scanning, penetration testing, and remediation.
Develop and deliver security awareness training programs.
Collaborate with stakeholders to integrate security considerations into the design and development of new aviation systems.
Stay informed about emerging threats and vulnerabilities in the aviation industry.

SKILLS
Cybersecurity Risk & Governance Expertise: Requires 3-5 years of progressive cybersecurity engineering experience with a deep understanding of risk management frameworks (NIST SP 800-37, ISO 27005), governance principles, vulnerability management, and security policy development.
Risk Assessment & Mitigation: Proven experience conducting risk assessments (NIST 800-30, NIST CSF), identifying vulnerabilities, analyzing threats, and developing effective mitigation strategies.
Vulnerability Management Program Expertise: Expertise in vulnerability management tools and processes, including vulnerability scanning, penetration testing coordination, vulnerability prioritization, and remediation tracking.
Policy & Standard Development & Implementation: Strong ability to develop, document, and implement security policies, standards, and procedures that align with industry best practices, regulatory requirements, and risk tolerance
Communication & Stakeholder Collaboration: Excellent communication (written and verbal) and interpersonal skills to effectively communicate security risks, governance strategies, and policy recommendations to diverse stakeholders, including technical teams, management, and external partners.

PREFERRED CERTIFICATIONS
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
CISA (Certified Information Systems Auditor)
CRISC (Certified in Risk and Information Systems Control)
CompTIA Security

TOOLS AND TECHNOLOGIES
Risk Management Frameworks: (e.g., NIST RMF, NIST CSF, ISO 27005)
Risk Assessment Methodologies: (e.g., NIST 800-30, Threat Modeling)
GRC Platforms: (e.g., ServiceNow GRC, RSA Archer)
Vulnerability Management Tools: (e.g., Tenable Nessus, Tanium)
Penetration Testing Understanding: (Familiarity with tools & methodologies for report interpretation)
Policy & Collaboration Tools: (e.g., SharePoint, Microsoft Teams, Policy Management Platforms)

Surrounding team/key projects:
Develop and implement a Cybersecurity Risk Management Framework for ANSP Ground Systems (Based on NIST RMF or ISO 27005)
Establish and mature vulnerability management program for aircraft ground infrastructure
Develop and deploy a suite of Security Policies and Standards for Aviation System Development Lifecycle (SDLC)
Conduct a comprehensive Cybersecurity Risk Assessment of a Critical Aviation Ground Systems using NIST 800-30
Develop and deliver targeted Security Awareness Training for Aviation Operations Personnel on a Specific Risk Area

------------------------------------------------------------------
Engineer, Cybersecurity Fort Worth, TX

Description:
Focus: Systems, Scripting, Automation, Cloud, Logging, and PKI Security
Engineer, Systems, Automation & Logging (ANSP Program)

FOCUS
Ensure secure aircraft, ground, and communications systems relied upon for our ANSP Program, with concentrated attention towards systems, scripting, automation, cloud, logging, and PKI security.

RESPONSIBILITIES
Develop and implement automated security solutions for vulnerability scanning, log analysis, and security configuration management.
Design and implement centralized log management systems.
Automate security tasks and manage systems using scripting languages (Python, PowerShell, Bash).
Secure cloud environments (AWS, Azure) through automation and configuration management.
Manage PKI infrastructure, including certificate lifecycle management and key management.
Collaborate with system administrators and stakeholders to enhance security posture.
Stay current on the latest security technologies and automation techniques.
Define security baselines (e.g., CIS benchmarks) for Windows and Linux servers in aviation environments and automate the process of checking and enforcing these baselines using tools like Ansible/Puppet and scripting.

SKILLS
Cybersecurity & Automation Expertise: Requires 3-5 years of progressive cybersecurity engineering experience with a strong focus on systems security, security automation, log management, cloud, and PKI.
Strong Scripting & Automation Skills: Proficiency in scripting languages (Python, PowerShell, Bash) for security automation and system management. Deep experience with automation frameworks (Ansible, Puppet, Chef, Terraform) and CI/CD tools (Jenkins, GitLab CI/CD, Azure DevOps) to build and deploy automated security solutions.
Log Management & SIEM Expertise: Deep understanding of log management principles, technologies, and SIEM solutions (Securonix, Sentinel, Event Hubs, Graylog, Logstash, Fluentd) for log collection, analysis, correlation, and security monitoring.
Cloud & PKI Security Focus: Expertise in cloud security (AWS or Azure), leveraging cloud APIs and security services (AWS Security Hub, Azure Security Center, AWS Lambda, Grafana). Extensive experience with PKI, including certificate lifecycle management, key management, and PKI infrastructure administration.
Security Automation & Tool Integration: Ability to leverage tools like Tanium and Dynatrace (or similar) to automate security tool deployment and configuration in both on-premises and cloud environments.

PREFERRED CERTIFICATIONS
CISSP (Certified Information Systems Security Professional)
CCSP (Certified Cloud Security Professional)
CompTIA Security
AWS Certified Security Specialty
Microsoft Certified: Azure Security Engineer Associate

TOOLS AND TECHNOLOGIES
Scripting & Automation:
Scripting Languages: Python, PowerShell, Bash
Automation Frameworks: Ansible, Puppet, Chef, Terraform
CI/CD Tools: Jenkins, GitLab CI/CD, Azure DevOps (for security automation)

Cloud Platforms (AWS or Azure Focus):
Cloud APIs & SDKs: (AWS SDK, Azure SDK)
Cloud Security & Monitoring Services: (AWS Security Hub, Azure Security Center, CloudWatch, Azure Monitor)
Data Visualization: Grafana, Kibana or similar

Logging & Monitoring (SIEM/Log Management):
SIEM Platforms: (e.g., Securonix, Sentinel, Splunk)
Log Management Tools: (e.g., Graylog, ELK/Elastic Stack, Fluentd)

Public Key Infrastructure (PKI):
Certificate Authorities (CA): (e.g., Microsoft AD CS, OpenSSL, HashiCorp Vault)
Key Management Systems (KMS): (e.g., Hardware HSMs, AWS KMS, Azure Key Vault)

SURROUNDING TEAM/KEY PROJECTS:
Define security baselines (e.g., CIS benchmarks) for Windows and Linux servers used in aircraft environments, and then automate the process of checking and enforcing these baselines using tools like Ansible/Puppet and scripting.
Automate the collection of security logs from AWS/Azure services relevant to aviation applications, process and normalize those logs, and ingest them into a SIEM (like Azure Sentinel or a cloud-based SIEM). Create automated dashboards and alerts in Grafana or the SIEM based on these logs.
Automate certificate enrollment, renewal, revocation, and monitoring for various aviation services using a Surrounding team/key projects Define security baselines (e.g., CIS benchmarks) for Windows and Linux servers used in aircraft environments, and then automate the process of checking and enforcing these baselines using tools like Ansible/Puppet and scripting.
Automate the collection of security logs from AWS/Azure services relevant to aviation applications, process and normalize those logs, and ingest them into a SIEM (like Azure Sentinel or a cloud-based SIEM). Create automated dashboards and alerts in Grafana or the SIEM based on these logs.
Automate certificate enrollment, renewal, revocation, and monitoring for various aviation services using a PKI infrastructure (like AD CS or HashiCorp Vault) and scripting/automation tools. This could involve integrating with load balancers, web servers, or application servers.
Automate vulnerability scans of aviation systems (using Nessus or similar), process the scan results, prioritize vulnerabilities based on severity and exploitability, and generate automated reports. Integrate this with a ticketing system or notification system to alert relevant teams for remediation.
Develop scripts or playbooks within the SIEM (or using serverless functions triggered by SIEM alerts) to automatically analyze security events, enrich them with context, perform initial triage, and potentially automate basic incident response actions.

------------------------------------------------------------------------------
Engineer, Cybersecurity- Network & Systems Fort Worth, TX

Description:
Focus: Network, Systems, Cloud, and PKI Security
Engineer, Network & Systems (ANSP Program)

FOCUS
Ensure secure aircraft, ground, and communications systems relied upon for our ANSP Program, with concentrated attention towards network, systems, cloud, and PKI security.

RESPONSIBILITIES
Secure aircraft and ground systems by implementing and maintaining the ANSP, including PKI, VPN, and zero-trust solutions.
Manage and maintain server infrastructure (Windows and Linux) supporting cybersecurity systems.
Configure and manage network devices, including firewalls, VPN gateways, and intrusion detection systems.
Manage cryptographic keys and digital certificates, ensuring compliance with industry standards.
Respond to and manage security incidents, including forensic analysis and remediation.
Collaborate with stakeholders to ensure secure and efficient operations.
Stay updated on the latest developments in aircraft IT and network security.
Support the development of security training programs.
Monitor aviation systems for suspicious activities and analyze logs to identify threats.
Perform risk assessments and ensure compliance with aviation-specific cybersecurity frameworks.
Collect and analyze threat intelligence data, staying informed about emerging threats.
Secure cloud environments for security log analysis and reporting. Includes designing the secure cloud architecture, configuring security groups, implementing IAM policies, ensuring data encryption (at rest and in transit).
Conduct comprehensive security posture assessments of our ANSP ground systems.

SKILLS
Deep Cybersecurity Expertise: Requires 3-5 years of progressive cybersecurity engineering experience with deep understanding of network, systems (including Windows and Linux server administration), cloud, and PKI security principles and technologies.
Hands-on Technical Skills: Proficiency in managing firewalls, VPNs, IDPS, ZTNA, EDR, vulnerability scanning, configuration management tools, and CSPM solutions. Also includes demonstrated experience in Windows and Linux server configuration, hardening, maintenance, and security patching.
Cloud & PKI Focus: Expertise in cloud security (AWS or Azure) and extensive experience with PKI infrastructure, certificate lifecycle management, and key management are essential.
Secure Architecture & Vulnerability Management: Ability to design secure network architectures and conduct security assessments to identify and mitigate vulnerabilities, including system-level vulnerabilities on Windows and Linux servers.
Aviation Security Contribution: Will contribute to critical FAA aircraft network security program duties, including securing communication between aircraft and ground systems, collaborating with OEMs, and ensuring the security and integrity of underlying Windows and Linux server infrastructure.

PREFERRED CERTIFICATIONS
CISSP (Certified Information Systems Security Professional)
CCSP (Certified Cloud Security Professional)
CompTIA Security
Cisco CCNA (Cisco Certified Network Associate)
GIAC Security Essentials (GSEC)

TOOLS AND TECHNOLOGIES
Network Security
Enterprise-grade Firewalls: (e.g., Cisco Firepower, Palo Alto Networks, Fortinet)
VPN & ZTNA Technologies: (e.g., RRAS, Tempered Airwall, Cisco AnyConnect, Zscaler, OpenVPN)
Intrusion Detection/Prevention Systems (IDPS): (e.g., Snort, Suricata, Zeek)
Monitoring Tools: (e.g., Wireshark)
Experience with multiple vendors within these categories is beneficial.

System Security (Server & Endpoint)
Windows & Linux Server Security: Configuration, Hardening, Patching, Microsoft Active Directory and Group Policy
Endpoint Detection and Response (EDR): (e.g., CrowdStrike Falcon, Microsoft Defender for Endpoint)
Vulnerability Scanning: (e.g., Tenable Nessus, Tanium Comply)
Configuration Management (for Security Automation): (e.g., Ansible, Puppet, Chef)

Cloud Security (AWS or Azure Focus)
Cloud Security Posture Management (CSPM): (e.g., AWS Security Hub, Azure Security Center)
Cloud IAM & Access Control (AWS IAM, Azure AD)
Cloud Security Services: (AWS & Azure native security offerings)

Public Key Infrastructure (PKI)
Certificate Authorities (CA): (e.g., Microsoft AD CS, OpenSSL)
Key Management Systems (KMS): (e.g., Hardware HSMs, AWS KMS, Azure Key Vault, HashiCorp Vault)

SURROUNDING TEAM/KEY PROJECTS
Lead the implementation of a new network security architecture for ground-based aviation systems, including use of firewalls, VPNs, and intrusion detection/prevention systems.
Design and implement a secure hybrid cloud environment for aviation applications, ensuring compliance with industry standards and regulations.
Develop and implement a comprehensive PKI solution for securing communication between aircraft and ground systems, including certificate lifecycle management and key management.
Conduct security assessments of network infrastructure and systems, identifying vulnerabilities and recommending mitigation strategies.
Collaborate with OEMs to evaluate the security of their products and services, ensuring they meet the requirements of aviation systems.

Candidate should be willing to work onsite 60% (Minimum Tue, Wed, Thu)

Immediate Joiners are preferrable

If you aren't interested, perhaps you know an excellent referral?