Cyber Threat Engineer

Job Description

As a Cyber Threat Engineer, you will assist in the development, implementation and maintenance of the enterprise information security program, focusing on all engineering tasks related to threat management and data protection. You will work closely with the information security team and business leaders as well as the IT support and development teams toidentify security risks and implement solutions to mitigate risks within business appetite.

As a member of the information security team you may be tasked with providing ownership for the day-to-day information security engineering and operational activities for the organization. You will support and maintain current technologies while contributing to the development of information security solutions, which will include all applicable standards, tools, controls, processes and procedures.

The position requires hands-on technical work, a comprehensive understanding of today's information security challenges, domains, concepts and principles, as well as strong project management disciplines and communication skills.

This position reports to the Chief Information Security Officer. Responsibilities require collaboration with the ability to influence and affect change in support of key objectives at local, and regional levels. The ability to manage multiple priorities is essential. Periodically directs the activities of external resources. This position will require travel.

MAJOR DUTIES & RESPONSIBILITIES
• Design, implement and maintain comprehensive information security solutions to meet business requirements.
• Collaborate with other information security personnel to implement standard threat management solutions and best practices.
• Participate in cross-functional project teams along with individuals from IT Infrastructure and Application Development to design and implement prioritized security solutions.
• Remain current on relevant security regulations, laws and technologies in an effort to manage solutions as required.
• Conduct assessments of existing security operational processes and recommend changes to associated policies, standards, controls and procedures.
• Create and manage implementation plans with well-defined and measurable milestones; track and report progress to senior management.
• Assist the team in the management of security events and technical forensic investigation efforts.
• Develop and contribute to information security metrics and reporting to depict strengths and opportunities.

Qualifications:

MINIMUM REQUIREMENTS
• 5+ years, hands-on, broad-based information security experience
• 3-5 years technical experience:
o with at least one EDR solution
o with multiple OS platforms (e.g. Windows, UNIX)
o with network security solutions (e.g. firewalls, proxies, IDS/IPS)
• 1-3 years' experience with:
o working in a regulated environment (e.g. data privacy, Sarbanes Oxley)
o PCI-DSS
o securing e-commerce based transactions
o application security solutions
o security architecture
o encryption tools
o identity management and logical access controls and principles
o threat and vulnerability management tools and processes
o incident management procedures and forensics
o performing technical risk assessments
o information security controls and procedures
• Experience of operational security monitoring, metrics and reporting
• Individual attributes:
o Strong results orientation and organizational skills
o Customer service driven
o Superior verbal and written communication
o Strong presentation skills
o Team player with the ability to achieve, impact and influence
o A self-starter with strong interpersonal skills and the ability to work independently
o Demonstrates sense of urgency and a high-degree of initiative
o Proven track record of problem solving and successfully implementing cost effective solutions
o Demonstrates the ability to make risk based decisions
o Ability to provide periodic off-hour support for critical security matters

DESIRED QUALIFICATIONS
• BS in Computer Science or other related disciplines
• Certified Information Systems Security Professional (CISSP) and/or equivalent
PMP or other project management certifications

First/Mid Level Officials and Managers

Jobcode: Reference SBJ-g31q9d-18-221-208-183-42 in your application.