Our associates celebrate lives. We celebrate our associates.
Consider the possibilities of joining a Great Place to Work!
The Cyber Security Engineer assesses, designs, builds and maintains systems ensuring the confidentiality, integrity, and availability of organizational systems and data. As a technical security expert, drive continuous improvement. This role’s primary responsibilities are in the areas of Privileged Access Management and Vulnerability Management.
JOB RESPONSIBILITIES
Security Operations
Analyze security systems and capabilities, seeking to continually improve.
Support Incident Response through expert understanding and use of security solutions.
Develop integrations between hardware and software solutions to provide security outcomes by leveraging orchestration, automation, and correlation.
Analyze emerging security threats and identify gaps in existing tooling and capabilities. Make necessary changes to address identified gaps.
Contribute to the development and improvement of best practices and security standards for the organization.
Translate technology and environmental conditions (e.g. law and regulation) into system and security designs and requirements.
As required, create security documentation, and other written work products to ensure important information is captured, shared, and retained.
Implement and Manage Security Solutions
Identify, assess and recommend risk-appropriate security solutions to provide for the confidentiality, integrity, and availability of organizational systems and data.
In partnership with IT and Security Architecture, plan, research, design, and implement robust security solutions. Test solutions to ensure they achieve the expected outcome.
Develop and maintain documentation of security solutions.
Provide for the routine maintenance, patching, major updates, and other administrative considerations for security tooling.
Privileged Access Management
Serve as technical subject matter expert for implementation and maintenance of Privileged Access Management tools.
Utilize knowledge of PAM best practices to protect privileged credentials and privileged endpoint functions.
Advise on PAM strategy and operational plans; execute as technical SME.
Optimize tooling to meet PAM initiatives and business objectives.
Drive initiatives to transform PAM provisioning and lifecycle management, leveraging self-service and automation capabilities to enable a frictionless user experience.
Implement and manage integration with other technology solutions, resulting in increased leverage of PAM tools and capabilities.
Facilitate the continuous adoption, training, communication and education of PAM capabilities, functions and standards.
Vulnerability Management
Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations and policies; assess the level of risk; and develop and/or recommend appropriate mitigation countermeasures.
Conduct and/or support authorized penetration testing on enterprise network assets.
Assess, recommend, implement, configure, and maintain security tools necessary to perform vulnerability and policy compliance assessments on a variety of assets such as servers, network devices, IoT, workstations, and applications. Support other security tooling as required.
As supported by threat intelligence sources, use vulnerability and compliance management tools to coordinate reporting efforts and understand potential risk and impact; coordinate mitigation/remediation efforts.
Identify improvement opportunities in security operational tooling, metrics, documentation, and other facilities contributing to vulnerability management outcomes; proactively communicate improvement opportunities to leadership.
Clearly communicate vulnerability attributes, risk, and remediation requirements to technical and non-technical audiences. Act as an advocate for vulnerability management to broaden awareness and promote best practices.
Minimum Requirements
Education
- High School Diploma or equivalent required
Certifications
- Prefer at least one of the following certifications: CompTIA Cybersecurity Analyst+ (CySA+), Security+, Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP)
Experience
Minimum five (5) years of Cyber Security experience, preferably in a Security Engineer position with PAM and Vulnerability Management responsibilities.
Preferred experience with the following:
Implementing and managing CyberArk PAM and EPM
Implementing and managing Vulnerability Management and Analytics Platforms (Qualys, Tenable, Rapid7, Kenna, Vulcan.io, etc.) in a large enterprise environment
Managing and analyzing large volumes of data with solutions like PowerBI, ELK, Splunk, Kenna, etc.
Security compliance frameworks (NIST, CIS, etc.)
IT disciplines (server/virtualization, network, cloud, DevOps, etc.)
Scripting and integration
Background in foundational IT infrastructure concepts (network, server, virtualization, data center)
Experience with static and dynamic code scanning tools, interpreting results, and working with development teams to achieve remediation
Knowledge, Skills and Abilities
Demonstrated knowledge of a wide variety of operating systems, network devices, endpoints, and web technologies
Demonstrated strong knowledge of Privileged Access Management concepts and tooling
Demonstrated strong knowledge of OWASP vulnerabilities
Demonstrated knowledge of network security concepts
Demonstrated knowledge of modern threat actors, malware, and TTPs
Demonstrated scripting abilities (PowerShell, Python, etc.)
Demonstrated knowledge of Vulnerability Management Platforms; Qualys strongly preferred
Computer literate and proficient with MS Office, Word, Excel, and PowerPoint
Work conditions
When considering the work environment associated with this job, the following factors may apply:
Work Environment
Work Postures
Frequent, continuous periods of time sitting or standing, up to 6 hours per day
Frequently climbing stairs to access buildings
Physical Demands
- Physical effort requiring manual dexterity, including paperwork, calculators, computers and phone usage
Work Hours
May work beyond standard hours as business needs arise
Limited amount of local travel
Rotational on-call responsibilities
Postal Code: 77019
Category (Portal Searching): Information Technology
Job Location: US-TX - Houston