Cyber Security Engineer

Responsibilities:

• Develop event response documentation and Standards, including diagrams for system environments, cloud operations, and security tools 
• Review our architecture and design through a security lens to provide actionable, timely requirements and recommendations 
• Serve as a subject matter expert for security tools, applications, and processes 
• Analyzes and oversees the development of information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information security management frameworks such as NIST 800-171 and CMMC 2.0. 
• Work directly with team leads, IT and Engineers both on policy and technical implementation of technologies. 
• Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and provides oversight to ensure compliance. 
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends to IT or executive management. 
• Oversees the response to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; engages, interacts and coordinates with third-party incident responders, including law enforcement. 
• Oversees the administration of authentication and access controls, including security/access roles, and access permissions to information assets. 
• Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes mitigation of risk; oversees risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments. 

Knowledge, Skills and Abilities:

• Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, or equivalent combination of education and work experience 
• 8+ years of solid, diverse experience in Cyber Security Engineering and Incident Response 
• Experience deploying and customizing security tools such as vulnerability scanners, static analyzers, IDS/IPS, firewalls, and endpoint security monitoring 
• Strong Experience securing Cloud Applications using industry standard frameworks 
• Must possess an active Top Secretclearance or be eligible to obtain one 
• Ability to lead, motivate and direct team members, cross-functional partners and Engineering teams; and strong performance management skills to include coaching, goal setting, holding team members across multiple levels accountable 
• Ability toperform Information System Security Engineer/Manager (ISSE/ISSM) functions for classified infrastructure 
• Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles from technical teams to senior executives 
• Extensive experience with enterprise security solutions (Endpoint Detection and Response, Security information and Event Management, IT services management and Cloud, etc.)  
• Extensive experience with intrusion detection methodologies and techniques for detecting host and network-based intrusions 
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth) 
• Extensive experience withpreviousinformation classification programs and procedures for information compromise 
• Proven experience in an information assurance, IT Risk and Compliance, information security, IT & Security audit, collaborating with external auditors (3PAOs) or other similar IT role involving IT security and compliance