Cybersecurity Engineer

To Apply for this Job Click Here

Job Title: Cybersecurity Engineer
Location: Remote (EST time zone)
Job Type: Direct Hire

Employment Eligibility: Gravity cannot transfer nor sponsor a work visa for this position. Applicants must be eligible to work in the U.S. for any employer directly 

Overview
The Cybersecurity Engineer is tasked with creating, deploying, managing, and supporting cybersecurity measures aimed at safeguarding an organization’s technology and data assets, spanning infrastructure, networks, servers, storage, and cloud technologies. The role encompasses developing both short and long-term cybersecurity strategies, implementing monitoring and maintenance plans, all geared towards enhancing user experience, system security, performance, and reliability. Responsibilities also include overseeing all aspects of the company’s computer system security, ensuring information and system security through the implementation of best practices, policies, procedures, and systems/resources. Compliance with the company’s technology architecture strategy, Information Technology General Controls (ITGCs), Sarbanes-Oxley Act (SOX), and NIST Standards is paramount. Leveraging data, technical expertise, and business acumen, the Cybersecurity Engineer contributes to the development of technical and security solutions at an enterprise level, participating actively throughout the project life cycle. Remaining current on cybersecurity risks and standards is crucial for staying ahead in the field. Continuous self-improvement plays a vital role in keeping a competitive advantage, along with a dedication to sharing relevant insights for the collective benefit of the Technology Team.

Duties and Responsibilities

• Engineer, implement, and maintain effective cybersecurity measures to protect data, technology systems, applications, and infrastructure.
• Maintain and adhere to defined Technology Team standards, Company Policies, Information Technology General Controls (ITGCs), Sarbanes-Oxley Act (SOX), and NIST controls.
• Participate in roadmap implementation plans for technology environment, including data, applications, servers, network, storage, compute platforms, and related infrastructure.
• Identify and define systems security requirements for technology environment which provides a balanced use of public and private cloud as well as traditional data center technologies to support high availability, performance and scalability for company’s technology and digital assets. 
• Develop technical solutions and implement new tools to help mitigate security vulnerabilities and automate reoccurring tasks.
• Perform vulnerability and secure configuration testing; research common and emerging threats and perform remediation activities across enterprise systems.
• Ensure systems availability, reliability, and integrity by monitoring, maintaining and improving technology systems.
• Maintain appropriate documentation, including drawings, configurations, settings and recovery plans.
• Ensure an effective level of cross training to provide for self or team member absence.
• Assist in root cause analysis activities to prevent reoccurring problems.
• Maintain relationships with related partners, vendors, and suppliers. Evaluating tools as needed.
• Provide expert problem solving and technical judgment to troubleshoot complex system problems while working with appropriate teams to diagnose and recommend solutions.
• Effectively communicate recommendations and technical information to teams ranging in technical proficiency and management levels, ensuring proactive awareness and comprehensive reporting on potential or discovered cybersecurity risks, improvements, and incidents.
• Research and evaluate current and emerging threats and technologies and stay abreast of new technologies and solutions that will help increase security, productivity, innovation, and business capabilities.
• Maintain a competitive (technology and security) edge through continuous self-development as a core competency and freely share relevant information for the benefit of the entire technology team.

Required Experience and Skills

• Bachelor’s degree in Computer Science, MIS, engineering or related program or directly related experience and certification beyond minimums will be considered.
• Minimum 7 years of directly related experience in enterprise environment required.
• CPEH, CISSP, CISA, NCSF experience and certification preferred.
• Experience working in Public Cloud Environments is preferred.
• Data center and IT systems implementation/administration experience required.
• Knowledge of common IT solutions from leading technology providers is desired.
• Experience in the design, implementation and maintenance of Windows Server, Linux Server, and VMWare technologies is preferred.
• Experience with CyberArk, CrowdStrike, Tenable, Varonis, and Sumo Logic SIEM is desired.
• Experience with Database Server security administration desired.
• Microsoft 365 implementation and administration required.
• Vulnerability assessment and Penetration Testing experience are required.
• Intrusion detection/prevention, data encryption technologies and their application in an enterprise distributed design environment is required.
• Extremely strong analytical and problem-solving skills.
• Excellent communication skills sharing technical details with team members, project teams, and stakeholders and produces ideas, solutions, and excellent materials for Technology  Leadership.
• Self-starter and works with minimal supervision with excellent time management, documentation, and relationship management skills.

To Apply for this Job Click Here