Monitor security systems and events to assess, detect, analyze, and investigate threats. Work regularly to enhance current solutions to improve security posture. Communicate technical security requirements, install security measures, and recommend raising the level of security awareness. Participate in all cybersecurity incidents providing analysis and documentation.
*This is an ON-SITE position Monday-Friday.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Includes the following:
· Must be available 24x7 for cyber incident response support
· Fulfillment of responsibilities must be performed with little to no supervision
· Required to be in-office locations on a full-time basis
· Responsible for logging, tracking, documenting and resolving all cyber incidents in the designated solution
· Support security policies and standards
· Researches, evaluates and recommends new security services/solutions
· Develops, monitors and evaluates access control security standards.
· Designs and implements security controls designed to detect and protect against cyber-attacks and other persistent threats.
· Monitors and analyzes potential infrastructure security events to determine if event qualifies as a legitimate security incident.
· Investigates legitimate security incidents and submits findings following forensic guidelines to preserve evidence for potential legal action; recommends prevention solutions to IT security engineering and/or incident response.
· Performs regular network monitoring and intrusion detection analysis using various Computer Network Defense tools, such as Intrusion Detection/Prevention Systems, Firewalls, SIEM, NAC, and Vulnerability Management tools.
· Coordinates and performs penetration testing, vulnerability scanning and code reviews to identify and address security weakness and access control audits for systems and applications.
· Performs coordination and weekly updates to cybersecurity risks (risk register) including driving risks to closure with IT security engineering and other internal/external resources.
· Conducts correlation analysis across numerous internal and external data sources, identifying security incidents and supporting incident response activities.
· Assures all basic cybersecurity requests/incident tickets are closed in a timely manner and assigned changes, enhancements, and other ticket creation requests are submitted with all required data.
· Conducts interviews with end users involved with a security incident.
· Assists in conducting security testing, verification, and risk analysis of the company’s network and systems.
· Analyzes and reports patching status of OS and Applications and works directly with applicable teams for remediation.
· Assists in the creation and deployment of regular user training articles, phishing campaigns, and Cybersecurity Awareness campaigns.
· Collaborates with team to ensure all cybersecurity policies and procedures are regularly updated and maintained including upgrades to latest PCI and NIST standards.
· Participates in knowledge sharing to develop solutions efficiently.
· Provides project support as assigned
· Performs other job-related duties as assigned.
SUPERVISORY/MANAGEMENT AUTHORITY
No supervisory/management authority.
EDUCATION AND EXPERIENCE
Bachelor’s degree in computer science, information systems, or other related field, and 4 to 6 years of cybersecurity experience or an equivalent combination of education and experience. Four (4) years of information technology experience managing security solutions with a business network and Active Directory, mitigating viruses, malware, and spam, and/or reporting on vulnerability and risk via Qualys required. Certified Ethical Hacker (CEH) and/or Certified Information Systems Security Professional (CISSP) certifications preferred.
KNOWLEDGE, SKILLS AND ABILITIES
· 3+ years of experience in cybersecurity and common security tools/platforms
· 3+ years of advanced administration and troubleshooting of O365 and associated services
· Extensive experience in cybersecurity analysis, incident response, and documentation
· Proficiency in conducting security assessments, vulnerability testing, review of technology solutions with experience in documenting findings and recommendations
· Excellent analytical and problem-solving skills, with the ability to assess complex security challenges and develop effective solutions, with expertise in documenting incident response activities and outcomes
· Working knowledge of NIST Cybersecurity Framework and CIS Critical Security Controls.
· Advanced knowledge of information security and network technologies and concepts
· Advanced knowledge of firewalls, proxies, SIEM, antivirus, and IDPS concepts
· Ability to design, build, and maintain information security systems
· Ability to pro-actively identify, track, and resolve system vulnerabilities
· Proven experience with multiple platforms from Mac, Windows, iOS, Android, preferred
· Strong communication, organizational, presentation and documentation skills
· Have a can-do attitude and demonstrate a passion for new technology and learning
· Ability to maintain confidentiality and exercise discretion
· Strong initiative, integrity, self-motivated and have great attention to detail
· Excellent communicator whether it is face-to-face, written or oral communication
WORK ENVIRONMENT
This position is fully on-site 5 days a week. Work is primarily performed in a climate-controlled office-setting. Work may require travel, including overnight stays. Work will require varied shifts including, weekends and holidays, as needed (on call).
Seniority level
Not Applicable
Employment type
Full-time
Job function
Information Technology
Industries
Information Services
Referrals increase your chances of interviewing at Cherokee Nation Businesses by 2x