Cyber Security Engineer
1160 Monaghan Rd Peterborough, Ontario K9J 5L4
The Cyber Security Engineer will be responsible for proactively monitoring event sources for anomalies and developing creative ways to leverage technology, driving the "leg work" to accomplish high priority security objectives, conducting vulnerability assessments, validating the current understanding of the information systems, incident response activities, and being an all-star problem solver. The candidate will report directly to the Manager, Cyber Security Operations.
- Provides technical assistance with the initial set-up, secure deployment, and proper management of systems that support information security including virus detection, application whitelisting, centralized logging, secure email gateways, data loss prevention, web content filtering, intrusion detection systems, and intrusion prevention systems.
- Offers technical information security consulting services to support business initiatives that require risk assessments of technology solutions, including Software as a Service (SaaS), web-based applications, custom internally developed applications, and COTS solutions.
- Evaluates information system bug reports, threat intelligence, security exploit reports, and other information security notices issued by information system vendors, government agencies, universities, professional associations, and other organizations, and as needed, makes recommendations to internal management and technical staff to take precautionary steps.
- Performs risk assessments and tests of new technology platforms and leads the development of Standard Security Configuration Guides for these systems prior to production deployment.
- Utilizes vulnerability assessment software and related tools to immediately highlight errors in systems configuration, the need to update software with fixes and patches, and other security-related changes.
- Acts as a technical consultant on information security incident investigations and performs digital forensic analysis of evidence files and malware samples.
- Mentors junior team members in information security fundamentals, skills, and practices to assist in their career development.
- Performs administration of the centralized logging platform, maintains system integrity, installs applications, develops custom dashboards to monitor security status of the environment, and produces periodic reports of key performance indicators and key risk indicators to support Cyber Security metrics at the executive and operational levels.
- Redesigns and reengineers internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability.
- Serves as an active member of the Cyber Security Incident Response Team (CSIRT) and participates in security incident response efforts by directing first responders to triage an event and performing advanced response actions for escalated events.
- Develops technical documentation describing the deployment, configuration, and management of shared, networked, and multi-user information security systems.
- Supports awareness training of the workforce on information security standards, policies, and best practices.
- Regularly attends conferences, professional association meetings, and technical symposia to remain aware of the latest information security technological developments.
- A Bachelor’s Degree in a related field is required.
- Must have a minimum of 5 years of experience in IT, performing risk assessments, developing security plans, and developing Standard Security Configuration Guides or similar technical products.
- Candidate must have advanced technical skills and experience with the following: Splunk administration, network intrusion detection system (IDS) administration, Active Directory and Group Policy Objects, Anti-virus administration consoles, Data Loss Prevention (DLP) systems, Microsoft Windows operating systems, Linux operating systems and advanced cyber security toolkits, malware analysis, penetration testing, and digital forensics tools.
- Must have an understanding of open-source and other tools to assist in detection, prevention and analysis of security threats.
- Must have a working knowledge of system functions, cyber security policies, and cyber security protection requirements.
- Must have excellent communications skills, especially technical report writing; candidates are encouraged to submit a sample of a technical report authored by the candidate.
- One or more of the following certifications: GSEC, CEH, CISSP, CISA, GCIH, OSCP.
- Must be able to maintain confidentiality when working with sensitive information.
- Ability to obtain and maintain a DOE security clearance is required.
- US citizenship with no dual citizenship is required.