Position Summary
The Jr. CyberSecurity Engineer position is responsible for the internal IT infrastructure and computing devices security. This position will assist IT Technicians and other administrators with the delivery of cloud and on-prem infrastructure. This position will bridge the gap between internal and external IT efforts including communicating to customers on select projects. Responsible for implementing NIST 800-171 controls in a small business.
Essential Duties and Responsibilities
TECHNICAL WRITING
- Document system design, configuration changes, IT-related SOPs, and administrative procedures
- Create clear and detailed guides for end users and system deployment strategies
- Create and revise internal security policies. Explain necessity of policies to leadership
- Create technical documentation for systems and applications designed for customers
RESEARCH
Support the research and troubleshooting of IT-related issuesAssist in implementation of IT process improvementsInvestigate new technologies and techniques to enhance system performanceFind cost-effective ways to implement organization's IT requirementsCONFIGURE / EVALUATE
Evaluate and complete daily IT tasks and ensure task completionConfigure backup, storage, and recovery proceduresConfigure Azure, AWS, & O365 security configurationsPerform server / device health checks and proactive issue remediationTroubleshoot and configure CA for the organization’s network.Implement security controls in compliance with NIST 800-171Configure and deploy new technologies to meet business needsMONITOR
Perform system monitoring and oversee system monitoring protocols dailyVerify the integrity and availability of hardware, network, and server resources / systemsAnalyze system logs and identify potential issues with computer systemsSUPPORT
Research, troubleshoot, and recommend solutions to reported or discovered IT issuesProvide end user training where necessaryMentor IT and department staffRespond appropriately to system alertsEnsure end users can perform tasks required of themINCIDENT RESPONSE AND MANAGEMENT
Incident Handling : Assist in responding to and managing security incidents, including data breaches, malware infections, and unauthorized access.Investigation : Help in investigating security incidents to determine the cause, impact, and remediation steps.Documentation : Maintain detailed records of incidents, responses, and resolutions for future reference and compliance.CONFIGURATION AND MAINTENANCE OF SECURITY TOOLS
Tool Management : Assist with the configuration and maintenance of security tools such as firewalls, intrusion detection / prevention systems (IDS / IPS), and antivirus solutions.Updates and Patches : Support the application of security patches and updates to keep systems secure.System Hardening : Contribute to system hardening efforts by applying security best practices and configurations.SECURITY POLICY AND PROCEDURE SUPPORT
Policy Compliance : Assist in implementing and enforcing security policies, standards, and procedures.Documentation : Help maintain and update security documentation, including system security plans, risk assessments, and compliance reports.Audit Preparation : Support preparation for internal and external security audits by providing required documentation and evidence.TECHNICAL SUPPORT AND TROUBLESHOOTING
Support : Provide technical support for security-related issues, including troubleshooting security incidents and system issues.End-User Assistance : Assist end-users with security-related inquiries and issues, ensuring adherence to security policies.TECHNOLOGIES
Windows Server (including Hyper-V, Active Directory, Group Policy)
Microsoft Cloud Services (Office 365, Azure)
Cisco Networking (including AnyConnect, site-to-site VPN, and Firepower Threat Defense)
Windows, macOS, and Linux workstation troubleshooting
Endpoint / patch management : Intune, Group Policy, Ansible
Backup management
Antivirus management
Minimum Qualifications (Knowledge, Skills, and Abilities)
12 Hours Leadership TrainingCompleted BSc CybersecurityCySA Certification, Security Active Directory : 2 years (Required)OS Administration : Windows 10, Windows Server, Linux (Ubuntu, Debian), MacOS : 2 years (Required)Network Administration : 2 years (Required)Cisco ASA configuration & maintenance : 2 Years (preferred)Azure & O365 Administration : 2 years (preferred)Microsoft Sentinel / SIEM : 2 years (preferred)Hyper-V ManagementIntune MDMBackup & Recovery : 2 years (preferred)Scripting Languages : Python, PowerShellFamiliarity with regulatory compliance (CMMC 2.0 / NIST 800-171)Resourcefulness and problem-solving attitudeResourcefulness and problem-solving attitudePassion for Cybersecurity : Demonstrated interest in cybersecurity and a commitment to ongoing professional development.Adaptability : Ability to adapt to new technologies and changing security threatsOffice environment : On-siteWork Hours : 9 – 5 Monday to FridayWeekend work and overtime may be required. Candidate should be prepared to perform weekend work and / or overtime to meet the needs of the company.Physical Demands and Work Environment
Able to lift up to 50 lbsWork in a business office space that includes a lab and production environmentAdhere to all safety and regulatory protocolsBenefits
401(K) plus matching
Health Insurance
Dental Insurance
Vision Insurance
Short-term / Long-term Disability
Life Insurance
Unlimited PTO
CTG is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
