Cybersecurity Engineer at The National World War II Museum Inc

New Orleans, Louisiana, United States -

Full Time

Start Date

Immediate

Expiry Date

16 Apr, 26

Salary

0.0

Posted On

17 Jan, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, Incident Response, Vulnerability Management, Security Monitoring, Endpoint Security, Identity Management, Risk Assessment, NIST Cybersecurity Framework, Documentation, Troubleshooting, Communication, Security Controls, Change Management, Cloud Security, SIEM, Scripting

Industry

Museums;Historical Sites;and Zoos

Description

Description The National WWII Museum is currently seeking a Cybersecurity Engineer. The Cybersecurity Engineer is responsible for the day-to-day execution and continuous improvement of the National WWII Museum’s cybersecurity program, including security monitoring, vulnerability management, incident response, and implementation of security controls. This role serves as the technical owner of cybersecurity controls and the primary escalation point for security incidents, operating with delegated authority from the Vice President of Information Technology. Working closely with IT teams, the Cybersecurity Engineer translates security priorities into practical, effective technical protections that reduce risk and strengthen the organization’s overall security posture. The role operates under the strategic direction and governance of the Vice President of Information Technology and ensures alignment with industry standards and best practices, including the NIST Cybersecurity Framework. Unlike an analyst role focused primarily on monitoring and reporting, this position is responsible for the engineering, implementation, and continuous improvement of the Museum’s security controls. Requirements Security Operations & Monitoring Monitor and triage security alerts from endpoint protection, identity platforms, and logging systems Investigate and respond to security incidents in coordination with IT Infrastructure Maintain incident documentation and post-incident remediation tracking Vulnerability Management Operate routine vulnerability scanning across servers, endpoints, network devices, and supported systems Testing, identifying, and remediating system and network vulnerabilities through continuous vulnerability management Prioritize findings based on risk, exploitability, threat intelligence, and business impact, and document accepted risk where remediation is deferred Coordinate remediation with Infrastructure and Application teams Track vulnerabilities through closure Endpoint & Identity Security Own endpoint security tooling health, configuration, and tuning Enforce MFA, Conditional Access, and service account hygiene Ensure security controls are consistently implemented across endpoints, servers, networks, and cloud services Lead privileged access reviews and remediation Infrastructure & Network Security Support Partner with Infrastructure to improve network segmentation and reduce lateral movement Lead firewall rule review, validation, and documentation Ensure secure configuration of kiosks, AV systems, and operational technology where feasible Designing, implementing, and upgrading security measures to protect organizational data, infrastructure, and networks Logging & Forensic Readiness Expand log coverage to support investigation and compliance needs Ensure logs are retained and accessible for incident analysis Support SIEM-lite or centralized logging improvements Continuous Improvement Translate NIST-aligned requirements into operational controls Participate in tabletop exercises and recovery testing Recommend improvements based on threat intelligence and incident trends Contribute to risk assessments, security metrics, and executive reporting Assist in maintaining cybersecurity policies, standards, and technical procedures Change Management Participating in the change management processes to ensure new systems and changes meet security requirements before deployment Perform other duties as assigned. Qualifications 3–7 years of Experience operating in a multi-site or hybrid environment with a mix of on-premises and cloud infrastructure Demonstrated ability to translate technical risk into business-relevant language for non-technical stakeholders Demonstrated experience designing, implementing, and improving security controls, not only monitoring or reporting Hands-on experience with: Endpoint Detection & Response (EDR) platforms, Vulnerability scanning and remediation workflows, Identity & Access Management, MFA, and Conditional Access and Windows operating systems and network security fundamentals Proven ability to lead technical incident response, including containment and remediation Experience working directly with infrastructure and application teams to reduce risk Familiarity with the NIST Cybersecurity Framework and modern security best practices Strong troubleshooting, documentation, and communication skills Self-motivated and able to work independently or within a team environment. As needed, be willing to work a flexible schedule that may extend outside of the typical 40-hour work week, including weekends and evenings, to complete tasks and meet deadlines. Preferred Experience with cloud security (Microsoft Azure or similar platforms) Familiarity with security automation, SOAR concepts, or scripting (PowerShell, Python, etc.) for security operations Exposure to SIEM or centralized logging platforms Security certifications (Security+, CySA+, SSCP, or similar) In addition to offering competitive wages, the Museum’s benefits package includes: Medical insurance – 2 plan options; Museum pays 75% of premium Dental and vision insurance Flexible spending account 401(k) – Museum matches 50% of employee contribution up to 6%; employer contribution full vested after 3 years of employment Life insurance and AD&D - $15,000 policy employer paid; additional life and AD&D available Long term disability insurance Paid vacation and sick leave, 10 paid holidays per year Free parking Tuition assistance and professional development Employee assistance program The National WWII Museum is an Equal Opportunity Employer and seeks diversity in its workforce. We are dedicated to a policy of non-discrimination in employment on any basis including age, sex, race, religion, national origin, sexual orientation, or disability. Consistent with the Americans with Disabilities Act, applicants may request accommodations needed to participate in the application process.

Responsibilities

The Cybersecurity Engineer is responsible for executing and improving the Museum's cybersecurity program, including security monitoring, vulnerability management, and incident response. This role serves as the technical owner of cybersecurity controls and the primary escalation point for security incidents.