Previous Job
Cyber Security Engineer
Ref No.: 18-19212
Location: Boston, Massachusetts
Role: The Cyber Security Engineer will be responsible for day-to-day management of a network security architecture that supports the needs and goals of the SEC. He/she will help plan, implement and support security solutions at multiple locations around the state. After hours availability is required to respond to emergencies and to perform system maintenance that cannot be completed during normal business hours.

Under the supervision of the Security Manager, working individually or as part of a project team, the Cyber Security Engineer will continuously assess security and related risks to the enterprise office locations, assets, and employees and make recommendations for mitigation strategies that will decrease risk. He/she will assist in maintaining the confidentiality, integrity, and availability of computer workstations, servers, and local area networks.

Primary Responsibilities:

The Cyber Security Engineer will be responsible for all operational aspects of network security engineering: design, implementation, optimization, monitoring and troubleshooting of our LAN, WAN, WLAN and DR networks.

• Provide technical support for numerous standalone and network systems to include penetration testing, vulnerability scanning, virus updates, patches, service packs, and hot fixes, policies related to onboarding/offboarding of staff, media controls, and ensuring all security related documentation is notated as required. • Monitor networks and systems for security issues through the use of various security tools. • Perform vulnerability scans, analyse results and assist with the remediation as necessary. • Conduct regular audits to ensure authorized systems are being operated securely and are in compliance with security policies and procedures. • Monitor access to all information systems and report on compliance with established policies and procedures, relative to the level of potential risk and recommend appropriate corrections. • With the Security Manager, leverage security best practices to assess, design, test, approve, implement, and support new and existing multi-tier solutions in multiple sites and data centres. • Create accurate network diagrams and documentation for planning security-based changes, investigating network impact, and issuing resolution procedures. • Assist in implementing site procedures for marking, handling, and controlling, removing, transporting, sanitizing, reusing, and destroying media/equipment. • Participate in and often lead investigations pertaining to threat assessment and mitigation for both internal and external threats. o Conduct investigations of anomalies found during audit trail analysis. o Participate in security related investigations as needed to ensure that policy defined tasks are completed.

Technical Qualifications:

Education and Experience • Bachelor's degree or higher in Information Technology or other engineering or technical discipline and at least 6 years IT experience with a minimum of 4 years Cyber Security Information experience. Four year relevant experience may be substituted with professional certification ¿ Certified Information Systems Security Professional (CISSP) ¿ CISA – Certified Information Systems Auditor (CISA) ¿ CEH – Certified Ethical Hacker (CEH) ¿ CISM – Certified Information Security Manager (CISM) ¿ ISSAP – Information Systems Security Architecture Professional (ISSAP) ¿ ISSEP – Information Systems Security Engineering Professional (ISSEP) • Experience with Windows OS Windows Server, Windows Domains, Active Directory, and GPO's. • In depth understanding of NIST SP 800-61. • Familiarity with routers, switches, firewalls, load balancers, proxies, accelerators, and wireless technologies. • Strong ability with security policy administration, ACLs, IPS/IDS, port scanning and pen-testing tools. • Experience in threat management and assessment as it relates to physical security. • Experience with corporate security risk assessment, analysis and mitigating controls. • Experience with endpoint security solutions, including file integrity monitoring, white listing, and data loss prevention.

Personal Attributes:
• Excellent analytical and problem solving skills. o Uses problem solving techniques such as root cause analysis to resolve issues. • Highly self-motivated and self-directed, with keen attention to detail. • Demonstrates excellent oral and written communication skills. • Ability to work independently and on multiple projects simultaneously. • Collaborates and assumes a technical leadership role when required. • Comfortable with presenting policies, mentoring colleagues on security best practices. • Ability to explain network and security concepts to both fellow technical staff in detail, and to nontechnical staff at an appropriate level. • Is effective in prioritizing tasks within a high-pressure competing environment. • Strong organizational skills. • Demonstrates an interest in working hard in a fast-paced environment, enjoys challenges, and has fun while doing it.