Senior Cyber Security Engineer/ ISSM
Company: PCR Staffing
Location: Concord
Posted on: January 26, 2023
|
|
Job Description:
Senior Cyber Security Engineer / ISSM
The Senior Cyber Security Engineer / ISSM (Information Systems
Security Manager) is responsible for planning, integrating, and
managing the information security program. The ideal candidate will
have a strong hands-on technical background in information
technology and information security and be comfortable
collaborating regularly with both technology teams and business
leadership. The candidate will have primary responsibility for
evaluating existing security controls, identifying deficiencies in
the program, evaluating solutions, developing compensating
controls, managing control implementation, and communicating with
senior leadership on the overall security strategy plan and
status.
This is a hands-on Sr CyberSecurity Engineer role that can act as
the Information System Security Manager (ISSM) and eventually move
into the Director role as the team grows. Must have: Need plug and
play. Must be able to triage, root cause, diagnose, and solve
(strategy and tactical). Able to work as a lead and individual
contributor. Direct reports: 1 and will grow over the next 12-18
months Let me know if this was something you would like to
investigate and if so, see questions below and get back to me
ASAP.
Monitors information systems for security incidents and
vulnerabilities; develops monitoring and visibility capabilities;
reports on incidents, vulnerabilities, and trends. Provides new
requirements for additional monitoring Responds to information
system security incidents, including investigation of,
countermeasures to, and recovery from computer-based attacks,
unauthorized access, and policy breaches; interacts and coordinates
with third-party incident responders, including law enforcement.
Reviews current process and provides enhancements Analyzes trends,
news and changes in threat and compliance environment with respect
to organizational risk; advises organization management and
develops and executes plans for compliance and mitigation of risk;
performs risk and compliance self-assessments, engages and
coordinates third-party risk and compliance assessments. Provide
weekly and monthly scorecard reporting. Needs to drive compliance
Designs and implements security measures based on business risk and
industry best practices Maintains and evolves the governance
program including security policies, procedures, and plans to
safeguard data and systems from cyber-attacks Evaluates and
recommends security controls and procedures for acquisition,
development, and change management lifecycle of information
systems, and monitors for compliance. Conducts/oversees risk
assessments to identify potential security threats and
vulnerabilities and development of a risk treatment plan
This is a direct hire role, with onsite requirements . Candidates
based within 50 miles of Charlotte NC are HIGHLY preferred due to
the onsite requirements, this role is primarily onsite, no
exceptions. The salary range is $140,000 - $160,000 plus
bonus/benefits, 401K, Health, Dental , 401K , disability
Main Duties/Required Skills:
Bachelor's Degree, preferably in an Information Technology /
Cybersecurity Field.
CISSP, GISP, GPEN, GWAPT, or related SANS certifications are highly
preferred
Experience in cyber security, network and/or application security
engineering, or other closely related discipline with hands on
experience with the following technologies: penetration testing
tools, network security (fwlls), AAA services (authentication,
authorization, EDR solutions such as CrowdStrike or Sentinel1, PCI
compliance tools, General familiarity with industry specific
security standards such as CIS 18 Controls, PCI DSS, NIST
Cybersecurity Framework, GDPR, ISO/IEC 27001/27002/27032
Proven oral, written, and presentation skills with various
audiences from technical, business customer, and management,
including the ability to drive technical change and constructively
influence peers and leadership
Self-motivated, results-oriented, with demonstrated leadership and
problem-solving abilities with a strong comprehension of emerging
threats, offensive/defensive technologies, and countermeasures
Demonstrated experience security controls with system engineering
lifecycle, requirements analysis and mapping, testing,
implementation, and optimization
Experience documenting, presenting, and communicating technical
solution designs and operating procedures
Nice to have Skills:
Key Skills:
Cybersecurity
CISSP
GPEN
Security Engineer
Bachelor's Degree Requirement: No preferred-
Keywords: PCR Staffing, Charlotte , Senior Cyber Security Engineer/ ISSM, Engineering , Concord, North Carolina
Click
here to apply!
|