Cybersecurity Engineer
Location: Las Vegas, NV; Niles, IL; Remote
Purpose: Supports critical cybersecurity functions. Reviews design of cloud security architecture and manages the security architecture process for the organization. Manages vulnerabilities and drives the organization to remediate issues. Supports identity and access management (IAM) processes and systems. Partners with our MSSP on investigations, threat hunting, malware analysis, and incident response.
Primary Responsibilities:
- Implement the CIS 18 Critical Security Controls throughout the organization
- Manage security vulnerabilities and the remediation process
- Coordinate and analyze regular network scans and penetration tests
- Manage application security using SAST and DAST tools, and drive the remediation process with development teams
- Analyze threat intelligence and determines how it applies to our systems
- Manage production security tools including a CASB, SIEM, EDR, WAF and IDS/IPS
- Works with our MSSP to investigate escalations related to malware and SIEM logs
- Develop process to manage and monitor identities across Pavilion applications and systems
- Design and operate scalable processes for access rights reviews across the organization
- Review the architecture of new features and products to ensure that security and IT compliance requirements have been met
- Manage our CSPM platform and assess and propose solutions regarding cloud security to leadership
What You'll Need
- At least 3 years of experience in a cybersecurity role
- Experiencing collecting, analyzing, and risk rating security vulnerabilities, including AppSec vulnerabilities
- Experience with managing IAM processes and identities throughout an organization and experience with IAM platforms like SailPoint or Zilla desirable
- Experienced with investigating security incidents and threat hunting
- Proficient with Microsoft Azure and O365
- Proficient with Windows and LINUX operating systems
- Experience with PaaS and Container security desirable and an understanding of how to use CASB tools
- Experienced with network design and cloud security architecture
- Knowledge of networking and web protocols (TCP/IP, HTTP, TLS, REST), and the ability to analyze traffic to find anomalies
- Experience with Palo Alto firewalls, Prisma, and Pandora desirable but not required
- Experience with Cisco Umbrella and Meraki firewalls desirable but not required
- Experience with the PCI-DSS or similar compliance frameworks desirable
- Security certifications including CISSP, CCSP, CISA, CISM, Security+, etc. desirable but not required
- SQL knowledge and business analytics skills a plus
- Bachelor's degree in cybersecurity, computer science, or a related field desirable but not required
- Fluency in one or more programming or scripting languages desirable but not required