Cybersecurity System Engineer

Job Description Job Description

a) Duties and responsibilities of the Cybersecurity System Engineer includes but
are not limited to the following:

Responsible for conducting in-depth assessments of the organization's cybersecurity systems, technologies, and architecture. This role involves analyzing system designs, configurations, and operational practices to identify vulnerabilities, gaps, and areas for improvement. May be involved in develop, deploy, and operate IT and operational technologies (also known as "industrial control systems"), cybersecurity-related systems, services, and tools (networks, data, software, and hardware), pertaining to cybersecurity-related initiatives. The Cybersecurity System Analyst works closely with technical teams to evaluate security controls, assess risks, and recommend solutions to enhance the overall security posture of the organization's systems and infrastructure:

(1) Conduct threat modeling exercises to identify design and operational gaps in environments, systems, and software.
(2) Perform technical cybersecurity architecture reviews and assessments across various technologies in OT and IT environments.
(3) Implement hardening standards (e.g., STIG, CIS) for hardware, operating systems, and software.
(4) Design and implement enterprise security technology architecture for effective operationalization.
(5) Develop resilience strategies based on a deep understanding of advanced persistent threat techniques and tactics.
(6) Manage the secure software development lifecycle and conduct software assessments, applying industry best practices (e.g., OWASP, NIST).
(7) Tooling knowledge of IT Access Control and Digital Rights Management (applications, file shares, etc.), Security Information Event Manager (SIEM), Data security and data protection software solutions, Network security software solutions platforms, Systems and Network Communication Protection (including network segmentation), System and Information Integrity, Enterprise IT Asset Management and Enterprise Patching, Secure Configuration Management (CM), System/ Enterprise Tool Evaluation and Enhancements (data flow, white- and blacklisting, IP tracking tools, system categorization, host intrusion prevention system, Traditional and advanced antivirus protection, Microsoft (MS) Active Directory Security, Vulnerability Scanning and Remediation, Industrial Control System Security and Remediation, Secure Cloud Infrastructure, i.e., Office 365, Azure Security Portals, etc., Microsoft (MS) Active Directory Security, Artificial Intelligence and Machine Leaming as it relates to Cybersecurity desired, but not required.

Industry Security Requirements:

NIST, HIPAA, GDPR, CMMC, PCI DSS, ISO, CIS Controls and ideally demonstrate involvement in remediating the deficiencies.

Company Description

Leading the Way in Transportation Solutions and Driving Future Mobility with Advanced Analytics. Come be a part of a growing firm where we turn bigger challenges into greater solutions.

Company Description Leading the Way in Transportation Solutions and Driving Future Mobility with Advanced Analytics. Come be a part of a growing firm where we turn bigger challenges into greater solutions.