Cyber Security Engineer

Job Overview
Our client in the Bridgewater area of NJ has an excellent opportunity for a Cyber Security Engineer!   
 

Responsibilities:

  • Support the overall vision and strategy of the Information Security department.
  • Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment.
  • Provide technical expertise for the administration of all security tools.
  • Consult with IT staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, software, and business applications.
  • Monitor and report on emerging risk and compliance with organizational security policies, including the enforcement of policies within the IT department.
  • Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
  • Effectively and proactively collaborate with staff at all levels of the organization to devise and implement security solutions.
  • Work closely with a “24×7” external cyber threat monitoring service. Maintain and support its on-premise detection technology and SIEM.
  • Respond to, investigate, and where appropriate, resolve or escalate reported security incidents. Provide postmortem analysis to illuminate the issues and possible solutions.
  • Support the Vulnerability Management Program by maintaining its infrastructure and conduct recurring scans of all systems and applications.
  • Provide guidance to System Administrators and Application teams to remediate identified vulnerabilities.
  • Enhance enterprise Data Loss Prevention technologies and procedures.
  • Provide technical guidance, training, and documentation covering the usage and impact of security technology.
  • Monitor security vulnerabilities and the threat landscape.
  • Administer the multi-factor authentication (MFA) and single sign-on (SSO) solutions and continue their integration across various business systems, including SaaS-based platforms.
  • Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained.
  • Implement controls to manage and monitor privileged access.
  • Provide configuration management guidance to IT staff and ensure systems are hardened to prevent unauthorized access or misuse.
  • Support third party audits and penetration tests.
  • Prepare technical reports for IT senior management.
  • Participate in IT problem and change management forums.
  • Stay current on technology trends.

 

Requirements:

  • Bachelor Degree in Computer Science, Information Systems, Cyber Security or equivalent related technical field.
  • At least 5 years’ experience as a Cyber Security Engineer, or comparable role.
  • Certifications in one or more areas or willingness to obtain: CISSP, a GIAC certification (GSEC, GCIH, or other), CEH, ECSA, CompTIA Security+, or comparable.
  • Experience with NIST Cybersecurity Framework, NIST 800-53, ISO 27001/27002, ITIL, COBIT, OWASP.
  • Top 10, CWE/SANS Top 25, and CIS CSC Top 20.
  • Experience with PCI, GDPR, CCPA, HIPAA, ISO, GLBA and SOX compliance assessments.
  • Experience with commercial Vulnerability Management systems (i.e. Rapid7, Tenable, Qualys).
  • Network security architecture development and definition.
  • Knowledgeable in security concepts related to DNS, routing, authentication, Web Application Firewall (WAF),Identity and Access Management, Endpoint Protection, VPN, IDS/IPS, proxy services and DDoS mitigation technologies.
  • Management of firewalls, intrusion detection systems, and other network security devices.
  • Strong experience in securing Windows environments.
  • Administration of SIEM (Security Information and Event Management) platforms, log collection, and tuning.
  • Incident Management and Response Planning.
  • Knowledge of a managed security service provider models.
  • Secure coding practices, ethical hacking and threat modeling.
  • Familiarity with third-party audits and cloud risk assessment methodologies.
  • Scripting with PowerShell, Batch, Bash or Python a plus.
  • Ability to work well under minimal supervision.
  • Strong oral, written and interpersonal communication skills. Ability to effectively convey complex information.
  • Strong business process knowledge and application of technology solutions.
  • Strongly self-motivated and team oriented.
  • Comfortable working with a variety of technologies supporting large scale deployments, troubleshooting solutions issues and proficient in monitoring and investigating security events.
  • Strong customer/client focus, with the ability to manage expectations appropriately.
Job Detail
Shortlist Never pay anyone for job application test or interview.