Job Description :
General Function / Summary :
CNG Holdings is seeking a Senior level Cyber Security Engineer to add to our growing team. The Senior Cyber Security Engineer is responsible for building digital security protocols, operating a cyber security system and maintaining security controls for the CNG organization.
Essential Duties :
- Execute and track the performance of security measures to protect information and network infrastructure and computer systems.
- Maintain and execute a comprehensive technology roadmap.
- Knowledge of security systems including anti-virus applications, content filtering, Palo Alto firewalls, authentication systems, intrusion detection, Data Loss Prevention and SIEM
- Identify, define and document system security requirements and recommend solutions to management.
- Configure, troubleshoot and maintain security infrastructure software and hardware.
- Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company's reputation.
- Manage third party IT Security vendor relationships.
- Monitor systems for irregular behavior and configure preventive measures.
- Educate and train associates on information security best practices.
- Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
- Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
- Analyze information security hardware and software to ensure maximum performance and provide technical and managerial expertise for the administration of security tools.
- Lead security projects to ensure project milestones are met on time and within budget.
- Produce KPI’s for security controls managed by the IT Cyber Security team.
- Other assigned projects.
Minimum Education and Experience Required :
- Bachelor’s degree in Computer Science, MIS, or equivalent experience
- 4+ years of experience in IT security operational roles
- Proven experience developing, operating and maintaining security systems
- Extensive knowledge of operating system and database security
- Proficiency in networking technologies, network security and network monitoring solutions
- Knowledge of security systems including anti-virus applications, content filtering, Palo Alto firewalls, authentication systems, intrusion detection, Data Loss Prevention and SIEM
- In-depth knowledge of security protocols and principles
- In-depth knowledge of security controls such as CIS and frameworks such as SOC 2, ISO 20001, ISO 27002 & NIST
- Experience in securing and managing cloud computing such as but not limited to Azure and AWS
- Ability to handle multiple projects and tasks simultaneously and collaborate with all areas of the organization
- Ability to effectively review and identify gaps and provide solid technical plans to remediate any identified risks
- Good understanding of the following security frameworks : NIST Cybersecurity Framework, ISO 27001, 27002 & CIS Controls.
- Ability to build roadmaps and present to all levels of the organization
- Experience with DLP Systems such as building and deploying policies
- Experience with cloud environments such as monitoring and deploying security controls in Azure and AWS
- Excellent written and verbal communication skills
- Proficient in Microsoft Office programs
- Ability and willingness to consistently live and embrace our core values of accountable, inclusive, transparent, and focused
30+ days ago