Cyber Security Engineering Lead

Job Summary

This position is an experienced, senior level, hands-on technical lead, performing IT security functions and maintaining systems, while providing technical guidance to the team. Manages information security technologies such as antivirus, IDS/IPS, endpoint detection & response, DLP, data encryption, proxies, and network access control, as well as security policies and procedures, and incident response. Provides technical expertise and support to IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.

Job Responsibilities

Responsibilities include:

• Leads and manages security engineering technologies including network, endpoint, data security, Identity and access management, as well as cloud and OT security.
• Provides technical expertise in threat/risk assessments
• Defines, designs, and implements strategies to protect against emerging threats using security tools
• Responds to security incidents as needed
• Performs security reviews on new technologies and changes to existing technologies
• Manages information security technologies including SIEM, firewalls, vulnerability management, identity and access control systems, anti-malware, IDS/IPS, endpoint detection & response, DLP, data encryption, proxies, and network access control, as well as security policies and procedures, and incident response.
• Provides technical expertise and support to clients, IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.

Job Specific Qualifications

Required:

• Bachelor’s degree in Computer Science, Information Systems, Cyber Security, Engineering or related technical field and 8 or more years of experience in information security or related IT experience. In lieu of a degree, 12 or more years of experience in information security or related IT experience
• Must be able to perform as a hands-on technical lead performing IT security functions and maintaining systems, while providing technical guidance to the team
• Experience with cloud computing and can implement strong security to protect cloud first environment
• Experience designing process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively
• Experience reviewing complex architecture design diagrams and documents for new technologies and changes to existing technologies to determine risks and provide recommendations and mitigations
• Ability to works independently with little or no supervision
• Demonstrated professional verbal and written communication skills
• Must demonstrate technical teamwork, organizational, managerial, financial management and leadership skills
• Willing to work in team environment, constantly teaching and learning from other team members.
• Ability to foster working relationships with the team, IT Management and Client departments
• Must demonstrate the ability to explain technical concepts to the business users in the context of business requirements
• Technical experience including: information / data / network / computer security design, administration and/or assessment
• Broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems
• Leadership, planning and organizing skills and be results oriented

Note:

• Approximately 5% Travel required
• NERC CIP position, requires NERC CIP background investigation prior to start

Desired:

• Security certifications in incident response, cyber investigation, forensics, or threat hunting
• Programming Experience in Python

Note

This role can be performed remotely but require some level of onsite work/in-person interactions on a regular basis, require employees to live within a commutable distance and, since business needs vary by position and may change over time, managers will set expectations and flexibility regarding where and when work is performed.