Senior Cyber Security Engineer

Job Description:

General Function / Summary:

The Senior Cyber Security Engineer is responsible for building digital security protocols, operating a cyber security system and maintaining security controls for the CNG organization.  

Essential Duties:

• Execute and track the performance of security measures to protect information and network infrastructure and computer systems.
• Maintain and execute a comprehensive technology roadmap.
• Identify, define and document system security requirements and recommend solutions to management.
• Configure, troubleshoot and maintain security infrastructure software and hardware.
• Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company's reputation.
• Manage third party IT Security vendor relationships.
• Monitor systems for irregular behavior and configure preventive measures. 
• Educate and train associates on information security best practices.
• Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
• Analyze information security hardware and software to ensure maximum performance and provide technical and managerial expertise for the administration of security tools.
• Lead security projects to ensure project milestones are met on time and within budget.
• Produce KPI’s for security controls managed by the IT Cyber Security team.
• Other assigned projects.

Minimum Education and Experience Required:

• Bachelor’s degree in Computer Science, MIS, or equivalent experience
• 4+ years of experience in IT security operational roles
• Proven experience developing, operating and maintaining security systems
• Extensive knowledge of operating system and database security
• Proficiency in networking technologies, network security and network monitoring solutions
• Knowledge of security systems including anti-virus applications, content filtering, Palo Alto firewalls, authentication systems, intrusion detection, Data Loss Prevention and SIEM
• In-depth knowledge of security protocols and principles
• In-depth knowledge of security controls such as CIS and frameworks such as SOC 2, ISO 20001, ISO 27002 & NIST
• 2+ years’ experience in securing and managing cloud computing such as and not limited to Azure and AWS environments.
• Good understanding of the CICD coding pipeline strategies
• 2+ years of experience with managing TLS certificates and managing a Key and Certificate Management system like Venafi
• Ability to handle multiple projects and tasks simultaneously and collaborate with all areas of the organization
• Ability to effectively review and identify gaps and provide solid technical plans to remediate any identified risks
• Good understanding of the following security frameworks: NIST Cybersecurity Framework, ISO 27001, 27002 & CIS Controls.
• Ability to build roadmaps and present to all levels of the organization
• Experience with DLP Systems such as building and deploying policies
• Experience with cloud environments such as monitoring and deploying security controls in Azure and AWS
• Excellent written and verbal communication skills
• Proficient in Microsoft Office programs
• Ability and willingness to consistently live and embrace our core values of accountable, inclusive, transparent, and focused 

Physical Demands:

• Standard office environment, remote eligible 
• Extended viewing of computer screens 
• Extended typing

Travel: N/A

Supervisory Functions: N/A