Cybersecurity Engineer

As a Cybersecurity Engineer, you will perform a variety of cybersecurity functions for our family of companies and will be involved in tool management, scripting, log analysis, controls design, threat analysis, incident response, among other activities. In your role, you will design, analyze, implement and support secure network solutions, routers, firewalls, and operating systems. Protecting Tideworks systems against advanced persistent threats from cyberspace by defending against hacking, malware and ransomware, and cybercrime will be of utmost importance. Additionally, you will develop secure systems, perform assessments and penetration testing and manage security technology and audit/intrusion systems and developing secure network solutions to protect against persistent threats.

Essential Responsibilities:

• Provide technical support for routine security services and participate in 24/7 on-call rotations.
• Implement security solutions for intrusion detection and notification, security auditing, alert and response, virus detection and removal, password complexity enforcement, and media protection.
• Verify security systems by developing and implementing test scripts and running security scans.
• Validate baseline security configurations for operating systems, applications, networking, and telecommunications equipment.
• Work with developers to respond to escalated problems from Technical Administrators or other Engineers.
• Partner with Client Services to keep clients informed about network security problems and resolutions.
• Maintain standards across systems security.
• Administer technology used in support of cybersecurity efforts (e.g., firewalls, Intrusion Detection/Prevention Systems, Endpoint Detection and Response solutions, Web Application Firewalls and Security and Event Management systems).
• Respond to cybersecurity incidents, participate in penetration and vulnerability testing, cybersecurity audits, and assist with remediation of cybersecurity vulnerabilities.
• Other duties as assigned.

• Bachelor's degree in IT Engineering, Computer Science, Business Management, Information Technology, Computer Engineering or Information Sciences or relevant work experience preferred.
• 2+ years' relevant experience in Computer Science, Cybersecurity, Systems Administration, Networking, DBA, design and support or equivalent work experience.
• Experience working in an agile environment and using engineering methodologies preferred.
• Foundational knowledge in Identity and Access Management (IAM).
• Working knowledge of NIST CSF a plus and general familiarity with the common controls used in frameworks such as NIST CSF and ISO 27002 required.
• Experience working with SAST/DAST and SDLC frameworks.
• Confident, energetic self-starter, with strong interpersonal skills and good judgment, a sense of urgency.
• Demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
• Positive attitude and an enthusiasm for instilling security into all work throughout our organization.

Key Knowledge, Skills & Abilities:

• Knowledge of common vulnerabilities and exploitation techniques, scripting languages (e.g., Perl, Python, PowerShell), and common information security management frameworks including NIST Cybersecurity Framework (CSF), International Standards Organization (ISO), and IT Infrastructure Library (ITIL).
• Knowledge of operating system internals and network protocols.
• Knowledge of cryptography and cryptanalysis, application technology security testing (e.g., white box, black box, and code review), system security testing, and network design and architecture.
• Basic knowledge of industry leading practices in cybersecurity, information technology infrastructure, engineering, and end-user computing.
• Ability to understand business needs and commitment to delivering high-quality, prompt and efficient services to the business.
• Proven ability to weigh the relative costs and benefits of potential actions and to identify the most appropriate course of action.
• Proven ability to effectively influence others to modify their opinions, plans, or behaviors and to communicate effectively to a range of audiences.
• Ability to understand the business impact of security tools, technologies, and policies.
• Proven ability to develop and guide information security team members and IT operations personnel, and to work with minimal supervision to accomplish a task or meet an objective.
• Ability to work well under pressure and under tight deadlines.
• Demonstrated communication, collaboration, analytical thinking and project management skills.
• Leading coding, networking and network security, threat modeling, and testing skills.

Work Environment:

• Exposure to computer screens.
• The noise level in the work environment is usually moderate.
• Required job duties are normally performed in a climate-controlled office environment, or remotely from home.

We are an Equal Opportunity Employer