Principal Security Engineer I - Risk Assessment

Position Type : Full Time Location : Greenwood Village, Colorado Date Posted : Date posted 08 / 26 / 2024 Anticipated Close Date : 2024-09-09 04 : 00 AM (UTC) Areas of interest : Cybersecurity, Engineering Requisition Number : 2024-36885 Business unit : Network Operations ESE601

This posting has been extended beyond the initial anticipated closing date.

JOB SCOPE

The Principal Security Engineer I (PSE I) is responsible for executing Cybersecurity risk assessments, processing risk acceptance requests, and executing risk evaluations for new / incoming projects and products.

The PSE will follow established risk assessment processes and procedures, identify threats against the identified system / application, collect artifacts from the evaluation / analysis, and assign a risk value.

PSEs will also evaluate risk acceptance treatment requests and risks posed by that request, assign a risk value, and then process that request using established business processes.

The PSE will also evaluate new / incoming requests to identify risks posed to the business before a new product or system can be moved from design to development to release.

A successful candidate will have excellent organizational skills, attention to detail, the ability to apply critical thinking and problem-solving skills.

DUTIES AND RESPONSIBILITIES

• Design and implement Risk Governance processes and controls to provide security risks, mitigations, and input on other technical risks.
• Lead the execution of security risk assessments and control-based testing.
• Facilitates risk management efforts (i.e. risk review, identification, assessment, and mitigation planning) for applications and / or environments.
• Design and implement an effective risk management amongst infrastructure and processes to ensure that Charter’s network is securely configured and appropriately protected.
• Track audit findings and recommendations to ensure appropriate remediation activities are taken.
• Facilities and / or briefs multiple meetings or forums weekly and / or monthly.
• Review work plans and designs and advises on improvements based on security requirements.
• Ensure compliance with security standards, policies, and procedures.
• Adhere to industry specific local, state, and federal regulations, as applicable.
• Mentor and guides the work of technical security staff.

BASIC / MINIMUM QUALIFICATIONS

• Bachelor's Degree in Computer Science, Information Security or related field and / or related work experience
• Minimum of Eight (8) years of IT / Network Engineering experience
• Minimum of Eight (8) years of Cyber Security experience

ADDITIONAL JOB QUALIFICATIONS

Ability to read, write and speak the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straightforward, and professional manner

Expert knowledge of risk management processes and security related frameworks.

Must understand risk assessments, how to review technology, people, and processes to identify risks, and how to perform audits or control-based testing.

Must understand information security policies, standards, industry best practices, and frameworks.

Expert knowledge of related industry specifications and standards NIST, CSRIC, Firewalls, Intrusion Detection and Prevention, DNS, Routing, Ethernet and Transport technologies and protocols

Expert knowledge in network security design, network security architecture, TCP / IP protocols and topology

Expert knowledge of security and lifecycle management, auditing methodology, and technology risk assessments.

Demonstrated leadership capabilities with the ability to work across functional boundaries, build consensus and drive results.

Must have strong written and verbal communication skills and should have good presentation skills.

Must be an analytical person, able to balance competing priorities, have a strong process orientation and be able to manage through complexity and rapid change.

PREFERRED QUALIFICATIONS

• Master’s or Bachelor's Degree in Computer Science or Information Systems or related field or related work experience
• Certified Information Systems Security Professional (CISSP)
• Industry and vendor specific certifications and training (UNIX, Cisco, Juniper)
• Minimm five years (5) of IT / network experience
• Minimum five years (5) of Information security experience
• Minimum four years (4) of Information security risk management experience

sCertified Information Systems Security Professional (CISSP) or Security Risk Management Certification

Industry and vendor specific certifications and training (UNIX, Cisco, Juniper)

Information Technology Infrastructure Library (ITIL) Certification

WORKING CONDITIONS

• Office Environment
• Minimal Travel Required

LI-AK

ESE601 2024-36885 2024

Here, employees don’t just have jobs, they build careers. That’s why we believe in offering a comprehensive package that rewards employees for their contributions to our success, supports all aspects of their well-being, and delivers real value at every stage of life.

A qualified applicant’s criminal history, if any, will be considered in a manner consistent with applicable laws, including local ordinances.

This job posting will remain open until 2024-09-09 04 : 00 AM (UTC) and will be extended if necessary.

The pay for this position has a salary range of $110,800.00 to $196,400.00 . The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience and location.

Also, certain positions are eligible for additional forms of compensation such as bonuses.