Job Overview:
The Cyber Security Engineer is responsible for safeguarding an organization’s IT infrastructure and data by implementing, managing, and enhancing security measures. This role involves identifying potential security threats, developing and deploying solutions, and responding to security incidents to protect the organization’s assets.
Key Responsibilities:
- Security Strategy and Planning:
- Develop and implement security policies, protocols, and procedures to ensure the protection of the organization’s data and IT systems.
- Conduct risk assessments and vulnerability analyses to identify and mitigate potential threats.
- System Protection and Monitoring:
- Design, configure, and manage security tools and technologies such as firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS).
- Monitor network traffic and security alerts to detect and respond to suspicious activities or breaches.
- Incident Response and Management:
- Investigate security incidents and breaches to determine their impact, causes, and solutions.
- Develop and execute incident response plans, including containment, eradication, and recovery processes.
- Security Infrastructure:
- Implement and manage security solutions including encryption, multi-factor authentication, and network segmentation.
- Regularly update and patch systems to address vulnerabilities and protect against emerging threats.
- Compliance and Reporting:
- Ensure compliance with relevant regulatory requirements and industry standards (e.g., GDPR, HIPAA, ISO 27001).
- Prepare and present detailed reports on security incidents, vulnerabilities, and compliance status to management and stakeholders.
- Collaboration and Training:
- Work closely with other IT and security team members to enhance overall security posture.
- Provide training and awareness programs to educate employees about security best practices and policies.
- Research and Development:
- Stay current with the latest security trends, technologies, and threat intelligence.
- Evaluate and recommend new security tools and technologies to improve the organization’s security infrastructure.
Basic Qualifications
- 5+ years of professional experience in professional services, Federal government, or Federal consulting
- 3+ years of experience in the cybersecurity or information assurance field and capable of providing an operational understanding of the cybersecurity program within DoD
- 2+ years of experience with supporting DoD-level cybersecurity service provider (CSSP) teams
- 4+ years of experience with writing or drafting executive or formal senior-level correspondence and material to support decision-making and strategy development
- 2+ years of experience drafting technical writing at the organization level (e.g., drafting organization-level technical policies, and strategies)
- BA or BS degree
- Must be willing and able to obtain a DoD Security Clearance.
Additional Qualifications:
- Excellent written and verbal communication skills
- Experience facilitating meetings such as working groups, conferences, and associated pre and post-meeting activities
- Possession of strong organizational skills with the ability to multi-task and prioritize responsibilities
- Knowledge of NIST 800 series publications
- Knowledge of Joint instructions and manuals
- CISSP or CISM Certification