Global Security Engineer

Location: Manassas, VA

Schedule: Hybrid (3 days onsite per week)

Travel: up to 25%

Compensation: $120k to $150k 10% Bonus

· Must be eligible to work in the United States

· Must pass comprehensive background screening

· Must be willing to work flexible hours across global time zones, specifically Europe

THE POSITION:

The Global Security Engineer is a key member of the team responsible for all aspects of cybersecurity and support of Operational Technology cybersecurity needs.

The Global Security Engineer position requires expertise in support of running a highly available, secure, and scalable environment. The position will require the development and maintenance of various security platforms. Technologies will include but not be limited to multi-disciplinary security and user collaboration tools, archiving, encryption, business continuity, security risk assessment, and endpoint security integration & support of Operational Technology applications. The position works under minimal direction with considerable latitude as part of a global security team where the use of critical analysis, initiative, and independent judgment are highly desirable. The position will be required to utilize project management and time management skills to ensure timely delivery of business and departmental objectives.

RESPONSIBILITIES:

Responsibilities may include:

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of our company's Infrastructure's data, systems, and networks.
• Leading or collaborating with peers on project management to accomplish the goals set by leadership.
• Providing SME-level advice and expertise regarding various technologies and enable leadership to drive security objectives and improve the company's overall security posture.
• Monitor and triage critical IT infrastructure for irregular behavior/weaknesses and respond with robust countermeasures to prevent future incidents.
• Install and maintain security tools that monitor critical infrastructure (systems and networks) for security breaches and intrusions.
• Triage and investigate security and user high-risk events.
• Lead/participate in incident response and investigation of IT/OT security detections and incidents
• Assist with compliance matters regarding our customers and regulatory compliance
• Monitoring and optimization of security tools
• Security control implementation
• Security risk assessments
• Email security management
• DNS management
• Penetration testing remediation
• Policy enforcement
• Attack surface management and threat hunting
• Endpoint security support
• Security awareness training
• System OS security hardening
• Cyber risk performance metrics
• Participation in an on-call rotation with your team to ensure 24/7/365 coverage.
• Work closely with cross-functional teams, including IT Support, IT Infrastructure, and Critical Operations teams, to ensure systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access
• Serve as a point of escalation and support for Information Technology and international IT administrators security needs.

MUST-HAVE QUALIFICATIONS:

• 5 years total IT/Cybersecurity experience in the private sector.
• 3 years of experience managing and implementing on-prem and cloud IT environments (Azure)
• Additional 3 years of cybersecurity experience protecting and securing IT (Windows/Mac/Linux) and OT environments.
• Exposure and experience with International and multi-country IT/OT security programs.
• Certifications in one or more of the following disciplines/providers preferred: CISSP, CISM, CEH, GIAC, ISACA, Microsoft Azure Security.
• Experience with cyber incident response, SIEM, Firewalls, vulnerability scanning tools, security operations workflow, IPS, Browser security, Cloud security, and Endpoint Security.
• Familiarity with security-related compliance such as NIST CSF, CIS Critical Security Controls, ISO 27001/27002 and regulations such as GDPR, HIPAA, SOC1/2, and PCI-DSS.
• Strong understanding of MITRE ATT&CK framework.
• An analytical security-focused mind, outstanding problem-solving skills, and strong threat assessment and mitigation skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. Exceptional documentation and report generation skills.
• Great awareness of cybersecurity trends, emerging threats, and techniques.

THIS MIGHT BE RIGHT FOR YOU IF:

• You're passionate about IT and Cybersecurity.
• You are an experienced generalist in cybersecurity overall with a strong interest or specialization in cloud, identity, and OT technologies.
• You're persuasive and clear, blending analytics with experience in decision-making.
• You're highly adaptable in an ever-changing environment and enjoy change and growth.
• You're naturally curious and driven toward continual improvement. While you celebrate your successes, you take time to review and analyze campaigns for future learning.

Benefits

· We offer a competitive compensation package with strong benefits, including medical, dental, and vision insurance, a 401K program, flexible spending accounts - even a cell phone subsidy.

· We foster a culture of appreciation, including peer-to-peer recognition programs.

· Fun is part of our DNA, with events, game nights, happy hours, and barbecues.

· We're growing - this is a great time to join and make an impact!

All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance. For unincorporated Los Angeles county, to the extent our customers require a background check for certain positions, the Company faces a significant risk to its business operations and business reputation unless a review of criminal history is conducted for those specific job positions.