Cybersecurity Engineer

Job Title: Cybersecurity Engineer

Department: Information Technology

Reports To: Manager, Cybersecurity

FLSA: Exempt 

Status: Full-Time/ Contract 

Salary: $125,000

ABOUT CONTRACT SERVICES: 

In the mid-1960s, the major film studios, in negotiations with Hollywood’s unions, founded the non-profit Contract Services Administration Trust Fund (CSATF) and later added Contract Services Administration Training Trust Fund (CSATTF), now collectively referred to as Contract Services (CS). CS carries out an extensive list of contractual, legal, and regulatory obligations that must be implemented on behalf of the studios, especially with respect to certain requirements of the collective bargaining agreements that apply to a freelance union workforce of more than 50,000 production workers in the greater Los Angeles area. These services include: administering seniority rosters, operating safety training and apprenticeship programs, administering a drug and alcohol testing program that applies to commercial drivers working in the motion picture industry, and implementing many other industry-wide services, studies and/or education on behalf of the motion picture production industry.  

More information about CS can be found at https://www.csatf.org.

JOB SUMMARY:

Contract Services seeks a highly skilled Cybersecurity Engineer to join our IT team. You will be responsible for detecting, identifying, and responding to cyber events, threats, security risks and vulnerabilities in line with cyber security policies and procedures. You will work with the Cybersecurity team to help investigate and remediate the identified cybersecurity events, threats, and risks. 

To be successful as a Cybersecurity Engineer at Contract Services, you should be a strong problem solver and a self-starter who enjoys a challenge. You should be detail-oriented and a good communicator who loves collaborating and brainstorming. Since some of the remedies could include collaboration with members of the IT Operations team or the IT Software Engineering team. You should be comfortable working independently but can also work with internal team members to find solutions, overcome roadblocks, and keep multiple projects running smoothly. You should constantly strive to improve your skills and knowledge, take pride and ownership in your work, and enjoy working in a dynamic organization.

KEY DUTIES AND RESPONSIBILITIES:

• Ensure all production security controls and technologies operate in compliance with all established polices and SLAs, across all aspects of the security operating framework.
• Configure, maintain, and optimize technology solutions and systems that provide security for company systems, networks, and data, including security policy enforcement, centralized configuration management, monitoring, etc.
• Provides detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activities.
• Characterizes and performs analysis of network traffic and system data to identify anomalous activity and potential threats to resources.
• Assist in designing and supporting cybersecurity and network security architecture.
• Support in the maintenance of LAN, WAN, VPN, server infrastructure, firewalls, wireless networks, and email security.
• Collaborate with the IT organization to mitigate threat assessment results, implement web protocols, PKI, SSL/TLS encryption.
• Test, implement, deploy, maintain, review, and administer policies and configurations that are required to effectively manage the cyber defense infrastructure and resources (i.e. networks, on premise and co-located systems, and cloud hosted systems).
• Assess newly published vulnerabilities and attacker tactics, techniques, and procedures (TTPs) to identify possible defensive measures to locate and stop threat actors.
• Work alongside the cybersecurity and IT teams to identify threats and problem areas, using feedback to further strengthen tools and technologies.
• Review GPO configurations for endpoints and ensure they align with security directives and policies.
• Provide recommendations for endpoint risk remediation and perform follow-up testing to ensure security risks have been eliminated or mitigated.
• Special assignments and projects as directed by the Manager, Cybersecurity.

THE IDEAL CANDIDATE HAS: 

Core Skills: 

• Assess security information, triage, and respond to security events, identify false positives, and conduct correlation analysis across numerous internal and external data sources while prioritizing information security incidents.
• Proven ability in building and maintaining security systems, databases, networks, to include firewalls intrusion detection systems, anti-virus, log management, content filtering, access control list.
• Ability to develop procedures and documentation to support an effective cybersecurity program.
• Experience with utilizing Wireshark for network troubleshooting and analysis.
• Passionate about information security operations, threat intelligence, and threat hunting.
• Strong verbal and written communication skills.
• Knowledgeable in networking, to include, but not limited to, subnetting, VLAN, switching, inter-VLAN routing, access control list, static routing, policy-based routing/forwarding, OSPF/BGP, DNS and DHCP.
• Demonstrates continuous effort to improve operational performance, streamline work processes and work cooperatively and provide quality seamless customer service.

Skill Pluses: 

• Experience with the following applications and systems:
  • AWS 
  • Azure, Microsoft InTune
  • ESET
  • Salesforce
  • KnowBe4
  • Darktrace
  • Datadog
  • PaloAlto Firewalls
  • Cisco Meraki
• Interest in researching and staying current on Cybersecurity trends, new security tools, security standards, best practices, and news.
• Familiarity of industry frameworks such as NIST, CIS, ISO 27001.
• Relevant cybersecurity and networking certifications such as CISSP, CISM, CEH, CISA, or CCNA, are highly desired.

Personality: 

• Positive mental attitude, strong work ethic, self-motivated, and highly organized. 
• Ability to work independently and as part of a collaborative team on multiple projects and priorities.

Engagement:

• Active participant in company culture. 
• A desire to teach, learn and grow with the department and company.
• Willingness to understand our business and how we can best serve our clients. 

EDUCATION/EXPERIENCE/MINIMUM REQUIREMENTS :

Education 

• Bachelor's Degree in Computer Science, Cybersecurity, Network Security, Software Engineering, STEM, or IT from an accredited institution, or equivalent work experience

Experience 

• Minimum 5 years of experience in cybersecurity operations, network security, and incident response, with hands-on implementation experience.

PHYSICAL REQUIREMENTS/WORK ENVIRONMENTS:

• This position is hybrid and will work partially on-site in our Burbank office, as well as from home.

DISCLAIMER: The above statements are intended to describe the general nature and level of work being performed by individuals assigned to this job. They are not intended to be construed as an exhaustive list of responsibilities, duties and skills required of personnel so classified.