Sr. Cybersecurity Engineer - Remote

Job Summary:

The Senior Security Engineer oversees the design, and implementation of the Akima’s security systems to protect Akima’s computer networks from cyber-attacks. Creates and maintains security standards. Defines and develops security requirements using risk assessments, threat modeling, testing, and analysis of existing systems. Designs action plans for policy creation and governance, system hardening, monitoring, incident response, disaster recovery, and emerging cybersecurity threats.

Job Responsibilities:

• Designs the system security, controls, processes, and procedures that monitor, detect, and respond to Cybersecurity incidents.

• Designs Cybersecurity Operations-related security systems by specifying tools, techniques, and equipment.

• Creates action plans, policies and governance framework in collaboration with senior leadership for system hardening, monitoring, incident response, disaster recovery, and emerging cybersecurity threats.

• Oversees the installation and configuration of preventative controls. Applies an interdisciplinary, collaborative approach to plan, design, develop, validate, and verify cyber solutions across the system development lifecycle.

• Champions the adoption of security-compatible software designs and best practices.

• Proactively ensures management of security issues and designs tools to monitor ’s computer networks for security issues, and vulnerabilities.

• Creates the planning framework and implementation of cyber risk assessment activities including threat modeling, vulnerability analysis, and analysis of mitigation solutions. Conducts cybersecurity test and evaluation of hardware and/or software designs to verify and validate compliance with defined specifications and requirements.

• Develops, evaluates, and analyzes design constraints, trade-offs, and detailed system and security design. Coordinates with Security Architect, system architects, and developers to provide oversight in the development of solutions.

• Provides engineering, delivery, and technical assistance of enterprise-class information security systems both on premise and in the cloud. Employs cybersecurity processes, methods, techniques and tools and assures their consistent application.

• Engages in development of best practices for continuous process improvement related to security monitoring and incident response systems including SIEM, XDR, digital forensics, and security response automation.

• Serves as second-level 24/7 escalation point for engineering, technical problem analysis, and resolution related to network and system security.

• Performs complex quantitative and qualitative analysis for business processes and/or projects. Responds, solves, and makes decisions on more complex/non-routine business requests with moderate to high risk.

• Provides technical and analytical guidance of technologies that support network and system security at an enterprise level.

• Develops, implements, and tunes security monitoring rules and detections to better detect security incidents.

• Provides analytical and technical leadership in the assessment of new security tools and technologies, recommend security related products for consideration within the MVW Cybersecurity Operations environment.

• Reviews and approves new security requests relating to information security tools. Keeps abreast of the latest intelligence from law enforcement and other sources of cyber threat information and implements best practices related to security.

• Manages the development and maintenance of security process activities which includes security operational readiness, deployment, and the continued protection of Servers, PCs, Middleware, Databases, Unix, and other IT systems.

• Provides subject matter expertise and incident response activities supporting cybersecurity operations and mentors junior members of the security team on best practices and current tools.

• Performs other duties as assigned.

Technical Requirements:

• Working knowledge of all, but not limited to the following:

  • Technology infrastructure using Firewalls, VPN, Data Loss Prevention, IDS/IPS, WebProxy and Security Audits.

  • Cybersecurity trends and hacking techniques.

  • Understanding of System Security Engineering (SSE) principals and process.

  • Information security challenges, domains, concepts, and principles.

  • Utilizes a variety of security information and event management (SEIM), data loss prevention (DLP), intrusion prevention systems (IPS), and other tools in designs.

  • Demonstrated expertise in the design, implementation, and management of SIEM technologies.

  • Ability to partner across the organization to drive security strategies that support business goals and objectives.

  • Strong verbal, written, listening and presentation communication skills. Ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding.

  • Demonstrated strong analytical skills, attention to detail, decision making skills and follow through.

  • Microsoft Office suite skills including Excel, Word and PowerPoint. Some SQL query skills are a plus.

  • Information Security assurance test skills such as architectural review, penetration testing tool use, and manual security assurance testing.

  • Familiarity and experience with project management methodology.

  • Ability to analyze processes in detail in order to create procedures that balance security concerns with the need for increased user productivity.

  • Ability to analyze large volumes of information from multiple sources in order to draw conclusions regarding suspicious patterns.

  • Investigative abilities involving working with ideas, searching for facts and solving problems.

  • Proven ability to engage on multiple assignments and consistently meet deadlines.

  • Proven ability to handle confidential material in a professional manner.

  • Ability to adapt to a continually changing business and work environments and manage multiple priorities.

  • Ability to lead teams to goals under significant time constraints.

Minimum Qualifications:

• Bachelor’s degree in Computer Science, Information Technology and Management, Information Systems, or closely related technical field of study from an accredited college or university (required).

• Minimum of five (5) years of directly related information technology security experience with:

  • Incident detection, response and forensics (required).

  • Design, delivery, and management of information systems logging including (but not limited to) Windows Event Logs, Syslog, Firewall, IPS, and API integrations (required).

  • Creation of logging standards that align with various compliance and best practice requirements to include (but not limited to) and the MITRE Attack framework (required).

  • Experience with cybersecurity trends and hacking techniques (preferred).

  • Experience successfully managing and supporting of technologies for both in-house and 3rd party security systems (preferred).

  • Certifications such as CISSP, CRISC, CISM, and/or CCSP (preferred).

  • Cisco, Palo Alto Certifications CCNA, CCIE, PCNSE PCDRA. (preferred).

Working Conditions:

• This job may occasionally work in confined spaces. This role may include occasional on-call responsibilities for escalated issues.