Cyber Security Engineer
We are seeking a Cyber Security Engineer to serve as a subject matter expert in many areas of security and is able to describe and document in business terms the impact of security policies, standards, and architecture. This person will play a vital dual role in our organization, with time being spent facilitating our Cybersecurity offering as well as working on network and server-based projects in a Network Engineering role. This person will provide security direction to the business and project stakeholders to ensure that security is a key focus for all projects and new business initiatives, as well as technical expertise on assigned clients, tickets, and projects.
- Strong background in security architecture including a deep knowledge of IT network security (secure LAN, WAN, vLAN, MPLS, and secure network zoning and restricted network design) and cloud-based technologies
- Strong background in Network Engineering including a deep understanding of Windows Server architecture, Windows Virtualization, Networking, Backup Solutions, and Disaster Recovery
- Deliver technical support over the phone and in person, understands support processes
- Monitor assigned tickets and task and provide service or escalation as necessary
- Lead and manage complex projects such as infrastructure installations and upgrades
- Strong knowledge and experience designing and implementing technical security solutions such as secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention, and identity management solutions both internally and within cloud provided services.
- Strong background in Microsoft security architecture including a deep knowledge of server and workstation security.
- Able to translate business and non-functional requirements to establish security controls so that a proper security design can be architected and to document the security solution for communication and publication.
- Demonstrated analytical skills – continuously define problems, collect or interpret data, establish facts, anticipate obstacles, and develops plans to resolve; strong problem-solving skills while communicating in a clear and succinct manner effectively evaluating information/data to make decisions.
- Strong knowledge of data and information flows, information governance, and network protocols.
- Proven understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security.
- Experience of designing and incorporating technical security controls that align to NIST 800-53
- Experience of designing and managing security controls within service providers and the cloud.
- Prepared to challenge business and IT colleagues and have the “difficult conversations” where needed in the interests of the company
- Strong communication, leadership, and partnering skills.
- Demonstrated customer focus – evaluate decisions through the eyes of the customer; build strong customer relationships and create processes with customer viewpoint.
- Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement
- Able to operate as a highly independent worker and as part of a strong team/collaborative approach.
- Prior Managed Services experience preferred.
- Accurately enter and maintain ticket information including notes and resolution
- Adhere to departmental policies for reporting and managing requests and change controls
- Internal IT support as needed
- Identify sales opportunities and pass the information to correct team members
- Submit timesheets accurately and timely
- Other duties as required
- This role will be split between Cybersecurity and Network Engineering as we grow this practice within our organization.
- Business and Project Consulting
- Project engagement during the initiation, requirements, and design stages to ensure that security has been considered and is included in the design at the appropriate level based on the risks.
- Security review and design of complex applications and technologies.
- Evaluation and maintenance of security system plans and procedures to safeguard internal information systems.
- Researching and recommendation/implementation of changes to procedures and systems to enhance security aligned with corporate policies
- Accountable for ensuring that key risks and issues are identified, addressed and resolved in a manner that satisfies the business.
- This role will be placed on multiple projects with the expectation that the Cyber Security Engineer will be able to coordinate with Management and fellow co-workers in identifying existing security services that can be leveraged by the project.
- Perform security risk assessments to determine level of security services to include.
- Provide testing scenarios to the business, ensuring the security controls are in place as required.
- Elevate residual risk to be included in the risk register and approved by the key stakeholders where they cannot be mitigated or addressed.
Reports to Manager, IT Services
Work Environment / Physical Demands
- Use of computer and office equipment.
- Ability to remain calm in stressful situations
- Performs all administrative functions expected at this level.
- Strong understanding of available tools to assist in daily tasks
- Ability to troubleshoot server based software issues with:
- Microsoft Windows Server 2003/2008/2012/2016
- Microsoft Windows Active Directory Infrastructure
- On Premise Microsoft Exchange 2007/2010/2013, coexistence Microsoft Exchange 2007/2010 / Microsoft Office 365, and hosted Microsoft Office 365
- Microsoft SQL 2005/2008/2014 Server
- Microsoft Remote Desktop Services 2008/2012/2016
- Microsoft Hyper-V and VMWare
- Major Anti-Virus solutions
- Enterprise class backup solutions
- Very knowledgeable of various server/workstation peripherals such as NAS/SAN solutions.
- In depth knowledge of workstation/server hardware and software troubleshooting abilities
- Strong understanding of networking equipment such as Switches, Firewalls, and Wireless Access Points
- Working knowledge of HP and Dell equipment; general understanding of storage solutions
- Extremely knowledgeable in troubleshooting and resolving workstations based issues with
- Microsoft Windows XP, Vista, 7, 8, and 10 (x32 and x64)
- Microsoft Office 2007, 2010, 2013, and 2016
- Microsoft Online Services (Office 365)
- Knowledge and understanding of AD, DNS, the Internet and mail flow
- Strong written and verbal communication skills
- Pleasant and professional demeanor in all client and internal communications
- Ability to multi task
- Intellectually resourceful with sound judgment and effective decision-making abilities
- Independent worker and able to work effectively on daily tasks without direct supervision
- Strong organization skills and ability to operate efficiently throughout daily tasks
- In general, owns issues through resolution although understands when to escalate a problem to another team member and whom to escalate to; accepts escalated issues; and mentors when appropriate
- Demonstrates empathy with users and professionalism at all times
- Work well with clients at all levels, from executive to IT to end user
- Operates with client satisfaction in mind
- Energy, enthusiasm and results-oriented
Education and Experience
- Minimum of five (5) years of information technology with at least 3 years in IT Security.
- Educated to degree level (or equivalent combination of education and experience).
- Information Security Qualifications such as CISSP, ISSAP, and SABSA practitioner a plus.
- Knowledge of government compliance standards (NIST, DISA STIG, USGCB, CIS Benchmark)
- Security Qualifications such as SANs, CCNA, CCNP.
- Ability to schedule for evening or weekend work occasionally
- Valid driver’s license in your state of residence and reliable personal vehicle
We offer a competitive compensation and vacation package in addition to the following:
- Health Insurance
- Dental Insurance
- 401(k) plan w/ 4% match
- Company paid Life Insurance
- Company paid LTD
- Casual work environment
Qualified candidates must submit resume in addition to salary requirements. Resumes without salary requirements may not be considered.
In connection with your consideration for employment, ComTec Solutions, LLC. requires all applicants consent to undergo a drug and investigative background check.
ComTec Solutions, LLC. is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
ComTec Solutions, LLC. must comply with the International Traffic in Arms Regulations (ITAR) issued by the United States Department of State, Department of Defense Trade Controls. Because of ITAR, the company must limit employment opportunities to US citizens or lawful permanent residents of the United States, or those admitted as a refugee or granted asylum.