Cyber Security Engineer
Company: CompuScienceIT, LLC
Location: St Louis, Missouri
Salary: Market Sr
Close Date: Direct - Permanent
Title Sr. Cyber Security Engineer
The Senior Cyber Security Engineer provides security oversight to the company computing environment across several business lines. The Senior Cyber Security Engineer is responsible for consulting with various technical teams and business units providing guidance and effective security solutions to enable the business while maintaining compliance and best practices. The position will work closely with the Cyber Security Center, System and business owners to ensure appropriate security controls are in place, and security policies are being effectively employed to minimize threats and risk to the overall company environment. The individual must have a passion for security and will participate in round table discussions.
Responsibilities and Duties:
• Proactively work security issues and incidents to identify root cause and recommend fix.
• Consult with developers to provide code review and alternate solutions where appropriate to maintain best practices while reducing the attack surface and minimizing risk.
• Validate IT security solutions collaboratively with infrastructure and application development project teams ensuring that corporate security policy, standards and industry best practices are met.
• Raise awareness and assist in the communication of security policies and regulatory requirements, providing recommendations to maintain compliance.
• Assist with security mitigation and remediation efforts as needed.
• Deploy and configure technology, collaborating with IT Infrastructure teams and vendor product professional service partners.
• Drive the selection, POC, implementation and operational deployment of new security technology solutions to ensure the confidentiality, integrity, and availability of company assets.
• Act as system owner for security technologies and, working with the IT infrastructure team, ensure they remain properly maintained.
• Provide security consulting services, as needed, to various projects and business units.
• Build effective relationships with stakeholders who own and support applications, IT infrastructure, and operations. Gain commitment from stakeholders and project teams to implement recommended security controls.
• Assists information security compliance activities in support of audit and assessment activities, including customer, PCI, and internal audit reviews.
• Can be counted on to meet or exceed goals; pushes self and others for results; is a conscientious worker who can be relied upon to handle unforeseen obstacles.
• Deals with problems as they arise, focusing energy and resources on those situations until resolved; identifies new opportunities and takes action; takes on new responsibilities when needed.
• Participate with table top exercises.
• 7+ years of overall IT professional experience, with 5+ years of information security.
• Prefer 2+ years as information security consultant.
• Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security) and OWASP Top 10.
• Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network based scanners).
• Excellent written and oral communication skills.
• In-depth knowledge of the Cybersecurity Framework, ISO27001 and compliance requirements such as PCI, SOX, and HIPAA.
• Hands-on troubleshooting, analysis, and technical expertise to resolve security events; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, researching events, etc.
• Prefer BS in Engineering, Computer Science, Information Security, or Information Systems or equivalent work experience.
• Security certifications (CISSP, CISM, CEH, or similar certification desirable).
Jim Jennings 636-484-6869