CyberSecurity Network Engineer
LaBine & Associates
- Woburn, MA
Cybersecurity Engineer needed to lead the technical and compliance role on the team responsible for ensuring that the company's information resources are secure from unauthorized access, protected from inappropriate alteration, physically secure, compliant and available to users in a timely fashion.
- Correlating threat information from various sources including security incidents raised by the user community including phishing attempts, malware outbreaks, unauthorized access attempts as well as security alerting sources.
- Leading IT/InfoSec projects, identifying and communicating risks specific to the project, and actions necessary for remediation including recommendations for logical access controls, secure application configuration, general secure data handling processes.
- Manages the Incident Response Plan, leads the Incident Response team during all cybersecurity incidents and represents the InfoSec team on all other security incidents.
- Managing the day-to-day security systems operations, including the log reviews and following up on any security alerts.
- Performing additional duties and projects as assigned.
- Proactively scanning systems and networks to ensure that vulnerabilities are identified and oversee remediation, including the configuration of scan sites, scheduling of scans, production of reports, interpretation, and communication of results.
- Providing expertise and support to ensure the company’s security framework remains in compliance with applicable regulations including evolving data privacy regulations.
- Providing support with third party security risk assessments/IT audit and provides tracking for findings, resolution.
- Researching and assessing new threats and security alerts and recommend remedial actions.
- Serving as a primary point of contact with client’s cybersecurity partner.
- Serving as an internal information security lead and consultant to the organization, providing guidance and support for business inquiries, requests.
- Supporting the development, implementation, and management of cybersecurity knowledgebase.
- Supporting the development, implementation, and management of security policies/procedures to ensure they remain aligned with business objectives/meet regulatory requirements.
Required Qualifications | All applicants must be a US Citizen and have the ability to obtain an Active Secret clearance.
- 5 - 7 years related work experience in information security governance and/or related functions such as IT audit and IT Risk Management.
- Bachelor's degree in Computer Information Systems/Management Information Systems or related discipline or equivalent
- DoD 8570 Certs - CISA, CISM, CRISC, CISSP, or similar security certification.
- Excellent analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable in conducting independent research of issues and inquiries to provide guidance when requested.
- Experience designing and implementing controls within corporate networks to include computer and network security and operating systems such as UNIX, Linux, MAC, and WINDOWS, as well as LAN/WAN internetworking protocols such as TCP/IP and network perimeter protection.
- Experience with Security Incident Response including hands-on involvement in detection, analysis, containment and remediation phases.
- Experience with system implementations, identification of security related risks and development of recommended actions for remediation.
- Knowledgeable with information security management frameworks such as AT101 SOC 2, ISO, ITIL, CobiT and knowledge of NIST 800.171 to include development of policies, process and procedures within the environment.
- Strong technical background with a variety of information security systems and tools including firewalls, intrusion detection systems, intrusion prevention systems, vulnerability management, intrusion detection and prevention, cloud access security broker, anti-virus/malware, data loss prevention.
- You can be flexible with your work schedule on occasion in order to provide support/complete assigned projects (e.g., upgrades, installations) during non-business hours.
- You enjoy working in a team-oriented environment as well as independently.
- You have the capacity to learn quickly and comprehend highly technical detailed information.
- You pay attention to detail and can handle and prioritize multiple activities.
- You’re an effective project manager with the skills and the ability to proactively problem-solve.
- You’re trusted to handle sensitive information in a highly confidential manner.
- Your demeanor is professional as is your interaction with all customers.
- Your verbal and written communication skills are stellar and allow you to develop positive relationships and effectively communicate with employees, customers, auditors, partners and all levels of management.
Thursday, April 16, 2020