Permanent Full time role.
Prestigious Enterprise Company is currently seeking a Senior Cyber Security Engineer. Candidate will assist in the building and monitoring of cybersecurity architecture and operations. Candidate will ensure architecture and practices safeguard products and solutions, that meet business requirements while maintaining a strong security posture, as well as perform day to day security administrative and proactive monitoring activities. Candidate will monitor security compliance through technical audits, risk assessments and issue management, and act as a core team member to the Enterprise Architecture team and Project Management Office.
Work closely with IT Operations and other functional areas to ensure vulnerabilities and threat indicators are rated by severity and responded to in a manner consistent with the risks.
Develop security procedures and metrics for the security of Company global networks, systems and applications.
Develops and maintains the Cyber Security and privacy technical architecture.
Recommends guiding principles and technical standards that foster technology decisions.
Conducts vulnerability scans, effective systems patching and remediation tracking based on defined or applicable risk to the enterprise.
Identifies and implements appropriate security and privacy monitoring within IT to safeguard Company's cybersecurity program.
Configure and support security end point protection, intrusion detection and prevention, Internet and messaging security gateways, encryption architecture, and threat intelligence.
Executes the security incident response life cycle to drive threat remediation and strategic countermeasures.
Addresses cyber-attacks through proactive identification, containment of security incident, mitigation of malicious threats and malicious software, and system recovery.
Coordinates activity related to Data Loss Prevention (DLP) strategy by configuring appropriate policies, communicating violations and risks, and providing solutions for secure digital transfer or storage.
Identifies security and compliance requirements that align with standards, policies, technical controls and architecture principles. Reviews risk assessments completed as part of the project life cycle.
Builds solution architectures that meet project requirements and align with architecture principles and futures architecture vision.
Partners with the Enterprise Architecture function to provide technology evaluations and recommendations relating to cyber security.
Advocates security risk management framework to ensure that security decisions are consistent and appropriate to Company's needs for system and information protection, integrity, availability, privacy and regulatory compliance.
Performs risk assessment to ensure appropriate security during introduction of new technologies. Review and approve the findings and recommendation of risk assessments.
Conducts audits and monitors issues to provide assurance reporting of how Company is complying with policies, standards, and industry regulatory requirements and the internal control framework in order to maintain a compliant, audit ready, posture.
BS/BA Computer Science or equivalent related field of study required.
An industry leading security certification required such as Certified Information Systems Security Professional (CISSP) or equivalent.
Minimum 5-7 years of progressive technical IT experience focusing on cyber security
Working knowledge of Windows Server and Desktop Operating Systems, Active Directory Domain design and implementation, and endpoint security.
Understanding on how to conduct investigations of security incidents.
Understanding on how to conduct third-party security due diligence or audits.
Understanding of SANS Critical Security Controls or NIST Computer Security Standards
Knowledge of TCP/IP, switching, routing, VLANs and VPNs.
Knowledge of Next Generation Firewalls or Unified Threat Management (UTM) technologies.
Knowledge of Identity and Access Management (IAM) technologies.
Knowledge of Security Incident and Event Management (SIEM).
Knowledge of Intrusion Detection/Prevention Systems (IDS/IPS) technologies.
Knowledge of Privileged Access Management (PAM) solutions.
Knowledge of cloud based technology or Cloud Based Security Broker (CASB) technologies.
Knowledge of Vulnerability and Threat Management (VTM).
Knowledge of virtualized environments and infrastructure technologies.
Strong understanding of Shell Scripting, and able to apply knowledge.
Knowledge of encryption techniques and PKI infrastructure.
Employment Type: Permanent
Work Hours: Full Time
Pay: $115,000 to $130,000 USD
Pay Period: Annual
Other Pay Info: Bonus
Click here to apply
Please mention that you saw the job on Issues in Science and Technology