We use cookies to improve your experience on our site. To find out more, read our privacy policy.

Career Site Update

We are pleased to announce that we have updated our applicant tracking system to Workday Recruiting. Returning applicants with an iCIMS profile must create a new “Candidate Home” in Workday. All current associates must apply through “My Career” on your Workday homepage. For additional information, please click on the highlighted FAQ link.

Our Teams

Field

View Field Jobs

Sales

View Sales Jobs

Corporate

View Corporate Jobs

Veterans

View Veterans Jobs

Job Locations

{{ pagination.total }} {{seoJobDescription}}

{{ formStatusText }}

{{details.job.title}}

Requistion ID: {{ getCustomAttribute( details.job, 'reqid') }}

Estimated Travel: {{ getCommuteTime(details) }} minutes.

{{ getCustomAttribute( details.job, 'city_admin1_country')}}

Current Search Criteria:

More Less

Commute Options

Cybersecurity Engineer | SCI Jobs

Job Information

SCI Shared Resources, LLC Cybersecurity Engineer in Houston, Texas

Our associates celebrate lives. We celebrate our associates.

Consider the possibilities of joining a Great Place to Work!

The Cyber Security Engineer assesses, designs, builds and maintains systems ensuring the confidentiality, integrity, and availability of organizational systems and data. As a technical security expert, drive continuous improvement. This role’s primary responsibilities are in the areas of Privileged Access Management and Vulnerability Management.

JOB RESPONSIBILITIES

Security Operations

  • Analyze security systems and capabilities, seeking to continually improve.

  • By way of expert understanding and use of security solutions, support Incident Response.

  • Develop integrations between hardware and software solutions to provide security outcomes by leveraging orchestration, automation, and correlation.

  • Analyze emerging security threats, and identifies gaps in existing tooling and capabilities. Makes necessary changes to address identified gaps.

  • Contribute to the development and improvement of best practices and security standards for the organization.

  • Translate technology and environmental conditions (e.g. law and regulation) into system and security designs and requirements.

  • As required, create security documentation, and other written work products to ensure important information is captured, shared, and retained.

Implement and Manage Security Solutions

  • Identify, assess and recommend risk-appropriate security solutions to provide for the confidentiality, integrity, and availability of organizational systems and data.

  • In partnership with IT and Security Architecture, plan, research, design, and implement robust security solutions. Test solutions to ensure they achieve the expected outcome.

  • Develop and maintain documentation of security solutions.

  • Provide for the routine maintenance, patching, major updates, and other administrative considerations for security tooling.

Privileged Access Management

  • Serve as technical subject matter expert for implementation and maintenance of Privileged Access Management tools.

  • Utilize knowledge of PAM best practices to protect privileged credentials and privileged endpoint functions.

  • Advise on PAM strategy and operational plans; execute as technical SME.

  • Optimize tooling to meet PAM initiatives and business objectives.

  • Drive initiatives to transform PAM provisioning and lifecycle management, leveraging self-service and automation capabilities to enable a frictionless user experience.

  • Implement and manage integration with other technology solutions, resulting in increased leverage of PAM tools and capabilities.

  • Facilitate the continuous adoption, training, communication and education of PAM capabilities, functions and standards.

Vulnerability Management

  • Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations and policies; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures.

  • Conduct and/or support authorized penetration testing on enterprise network assets.

  • Assess, recommend, implement, configure, and maintain security tools necessary to perform vulnerability and policy compliance assessments on a variety of assets such as servers, network devices, IoT, workstations, and applications. Support other security tooling as required.

  • As supported by threat intelligence sources, use vulnerability and compliance management tools to coordinate reporting efforts and understand potential risk and impact; coordinate mitigation/remediation efforts.

  • Identifies improvement opportunities in security operational tooling, metrics, documentation, and other contributing facilities to vulnerability management outcomes; proactively communicates improvement opportunities to leadership.

  • Clearly communicates vulnerability attributes, risk, and remediation requirements to technical and non-technical audiences. Acts as an advocate for vulnerability management to broaden awareness and promote best practices.

Minimum Requirements

Education

  • High School Diploma or equivalent required

Certifications

  • Prefer at least one of the following certifications: CompTIA Cybersecurity Analyst+ (CySA+), Security+, Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP)

Experience

  • Minimum five (5) years of Cyber Security experience, preferably in a Security Engineer position with PAM and Vulnerability Management responsibilities.

  • Preferred experience with the following:

  • Implementing and managing CyberArk PAM and EPM

  • Implementing and managing Vulnerability Management and Analytics Platforms (Qualys, Tenable, Rapid 7, Kenna, Vulcan.io, etc.) in a large enterprise environment

  • Managing and analyzing large volumes of data with solutions like PowerBI, ELK, Splunk, Kenna, etc.

  • Security compliance frameworks (NIST, CIS, etc.)

  • IT disciplines (server/virtualization, network, cloud, DevOps, etc.)

  • Scripting and integration

  • Background in foundational IT infrastructure concepts (network, server, virtualization, data center)

  • Experience with static and dynamic code scanning tools, interpreting results, and working with development teams to achieve remediation

Knowledge, Skills and Abilities

  • Demonstrated knowledge of a wide variety of operating systems, network devices, endpoints, and web technologies

  • Demonstrated strong knowledge of Privileged Access Management concepts and tooling

  • Demonstrated strong knowledge of OWASP vulnerabilities

  • Demonstrated knowledge of network security concepts

  • Demonstrated knowledge of modern threat actors, malware, and TTPs

  • Demonstrated knowledge of Scripting abilities (PowerShell, Python, etc.)

  • Demonstrated knowledge of Vulnerability Management Platforms; Qualys strongly preferred

  • Computer literate and proficient with MS Office, Word, Excel, and Power Point

Work conditions

When considering the work environment associated with this job, the following factors may apply:

Work Environment

  • Work is primarily indoors

  • Professional dress is required when in contact with families.

Work Postures

  • Frequent, continuous periods of time sitting or standing, up 6 hours per day

  • Frequently climbing stairs to access buildings

Physical Demands

  • Physical effort requiring manual dexterity is required, includes paperwork, calculators, computers and phone usage

Work Hours

  • May work beyond standard hours as business needs arise

  • Limited amount of local travel

  • Rotational on-call responsibilities

Postal Code: 77019

Category (Portal Searching): Information Technology

Job Location: US-TX - Houston