JOB SUMMARY

We seek a talented and motivated Cybersecurity Engineer to join our cybersecurity team. As a Cybersecurity Engineer, you will play a crucial role in safeguarding our organization’s digital assets and infrastructure. The ideal candidate should possess a strong background in various IT disciplines, including Windows Server administration, enterprise monitoring systems, active directory administration, network architecture, and more. In this role, you will be responsible for implementing security measures, monitoring for threats, and ensuring the overall security posture of our organization.

QUALIFICATIONS

• Bachelor’s degree in computer science, Information Technology, or a related field or 10+ years of relevant job experience.
• Proven experience with Active Directory, PowerShell scripting, and IAM.
• ITIL v3 Certification or higher.
• Strong knowledge of cybersecurity principles, practices, and tools.
• Excellent problem-solving and analytical skills.
• Ability to communicate technical concepts effectively to non-technical stakeholders.
• Strong attention to detail and a commitment to maintaining the highest security standards.
• Relevant certifications such as CISSP, CISM, or CompTIA Security+ are a plus.

KEY RESPONSIBILITIES

• Security Infrastructure Management:
• Administer and maintain Windows Server environments (2012/2016/2019).
• Utilize enterprise monitoring systems such as SolarWinds, SCOM, and Spectrum for threat detection and performance monitoring.
• Manage Active Directory infrastructure, including user accounts, group policies, and access controls.
• Oversee Cisco ISE and Cisco Fabric Interconnect administration.
• Incident Management and Threat Response:
• Proactively identify and mitigate security incidents and vulnerabilities.
• Utilize ITIL best practices for incident management.
• Develop and implement strategies to mitigate cybersecurity risks.
• Lead incident response efforts to identify and contain security breaches.
• Collaborate with incident response teams and subject matter experts to resolve security incidents.
• Document all incidents, their resolutions, and improvements to enhance security measures.
• Network and Infrastructure Security:
• Familiarity with securing load-balancing solutions.
• Oversee the security of Wireless and Teleworker architectures, including rogue access point detection and response.
• Ensure security protocols are in place for VPN and remote access solutions (Palo Alto).
• Monitor and analyze network traffic for security threats.
• Backup and Data Management:
• Work with BCP/DR professionals to secure backup solutions and the data they contain.
• Ensure security-focused data center, storage administration, and disaster recovery plans are in place.
• SIEM Management:
• Manage and oversee the organization’s SIEM platform.
• Configure and fine-tune SIEM rules and alerts to detect security incidents effectively.
• Analyze SIEM data to identify security events and anomalies.
• Generate and review SIEM reports for security monitoring and compliance purposes.
• Identity Access Management (IAM):
• Design, implement, and manage IAM solutions to control user access and permissions.
• Perform access reviews, authentication, and authorization processes.
• Monitor and enforce IAM policies to ensure compliance and security.
• Microsoft Active Directory Expertise:
• Manage and maintain Microsoft Active Directory services with a cybersecurity focus.
• Implement least privileged and just-in-time secure user authentication, group policies, and directory services.
• Troubleshoot and resolve possible Active Directory-related issues.
• Implement security best practices within Active Directory.
• PowerShell Scripting:
• Utilize PowerShell scripting to extract, analyze, and generate reports on cybersecurity-related data.
• Automate repetitive tasks to improve efficiency and response times.
• Develop and maintain scripts for cybersecurity tasks and monitoring.
• Threat Hunting:
• Proactively search for and identify potential security threats and vulnerabilities within the organization’s IT infrastructure.
• Develop and execute threat-hunting strategies and techniques to detect and mitigate advanced threats.
• Collaborate with incident response teams to investigate and respond to identified threats.
• ITIL Certification and Documentation:
• Hold an ITIL v3 Certification or higher.
• Create and maintain comprehensive documentation of technical environments, configurations, and security protocols.
• Participate in developing and updating cybersecurity policies, standards, and procedures in line with industry best practices.