Cyber Security Engineer
Cyber Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Technologies
Oversee manage and provide reporting from the Next Generation Firewalls (NGF)s Anti-Virus Malware Security Information and Event Management (SIEM) Intrusion Detection / Prevention (IDS/IPS) Domain Name Services (DNS) Vulnerability scanners and other security solutions that comprise the Security Architecture of the organization.
Conduct cloud security analysis of Microsoft Active Directory Office 365 and PCI-DSS. This can include Microsofts cloud solutions such as MCAS PIM InTune SharePoint One Drive Teams M365 AD DLP AIP and Exchange Online Protection.
Be the expert in security tools (Azure Security Center Darktrace Carbon Black CyberArk) to assist in detection prevention analysis and remediation of security threats.
Installation and use of firewalls data encryption and other security products and procedures.
Monitor networks and systems for security breaches through the use of software that detects intrusions and anomalous system behavior.
Process
Ensuring that the organizations data and infrastructure are protected by enabling the appropriate security controls.
Work closely with the application development team to provide security requirements and confirm their integration within the appropriate phases of the Systems Development Life Cycle (SDLC).
Partner with infrastructure team on vulnerability assessment and remediation.
Performing technical health checks for these Cloud platforms/environments prior to broader deployments.
Implementation of industry leading practices around O365/EMS cyber risks and cloud security. Acting as a subject matter expert on cloud cyber risk for the Microsoft O365 and EMS platforms.
Design and develop cloud-specific security policies standards and procedures e.g. O365/EMS tenant management and configuration identify management and access control firewall management auditing and monitoring security incident and event management data protection (DLP encryption) user and administrator account management SSO conditional access controls and password/key management.
Planning implementing managing monitoring and upgrading security measures for the protection of the organizations data systems and networks following industry best practices (CIS NIST PCI-DSS).
Awareness training of the workforce on information security standards policies and best practices.
Reporting and Response
Responding to all system and/or network security breaches. Maintain and update all Incident Response Procedures and Documentation.
Investigate security breaches
Lead incident response including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage
Conduct periodic network scans to find any vulnerability provide reporting to IT Management.
Conduct penetration testing simulating an attack on the system to find exploitable weaknesses
Configuration of cloud security and compliance reports.
Monitor and measure adherence & compliance to the patch management process for operating systems software applications firmware etc. and produce monthly metrics of patching results.
Qualifications :
Required
5 years technical experience designing implementing and maintaining security controls and procedures
Expertise in anti-virus software intrusion detection firewalls and content filtering
Expertise in Cybersecurity tools include Darktrace Carbon Black Microsoft ATP. Experience leading an IT department in security. Creating policies leading incident response and internal audits.
At least 2 years of work experience with incident detection incident response and forensics required.
Experience with Firewalls (functionality and maintenance) Office 365 Security and Endpoint Security.
Ability to work under pressure in a fast-paced environment.
Knowledge of risk assessment tools technologies and methods.
Great awareness of cybersecurity trends and hacking techniques.
Strong attention to detail with an analytical mind and outstanding problem-solving skills is required.
Knowledgeable in designing secure networks systems and application architectures.
Planning researching and developing security policies standards and procedures.
Strong communication skills and the ability to collaborate effectively both within IT and across the entire organization.
Preferred
Proficiency in Python C Java Ruby Node Go and/or Power Shell.
Disaster recovery computer forensic tools technologies and methods.
Expertise with Endpoint security solutions including file integrity monitoring and data loss prevention.
Experience with implementation and audit for Payment Card Industry Compliance.
Automation security testing tool experience.
Education and Certifications:
B.S or M.S. in Computer Science or related field.
At least 5 years of industry experience in an information security function is required.
Certified Information Systems Security Professional (CISSP) is a plus.
CISA Certified Information Systems Auditor (CISA) is a plus.
CEH Certified Ethical Hacker (CEH) is a plus.
CISM Certified Information Security Manager (CISM) is a plus.
Additional Information :
Our benefits program is our investment in you as an important contributor to our success and we are proud of our highly competitive package.
- Medical Benefits
- Health Savings Account (HSA)
- Medica Value-Added Services
- Virtual Care
- Dental Insurance
- Vision Insurance
- 401(k) Retirement Plan
- 401(k) Matching
- Employee Discount
The Tile Shop is an Equal Opportunity Employer
Remote Work :
No
Employment Type :
Full-time
Employment Type
Full-time
