Job Description:
The Cybersecurity Engineer reports to the Chief Information Officer with a dotted line to the Chief Compliance Officer. This role is pivotal in leading the Cybersecurity Program to protect our organization’s critical information assets through the NIST Cybersecurity Framework and practices, ensure regulatory compliance, and help the organization become more proactive in addressing vulnerabilities and risks. As the internal expert in the field of information security and cybersecurity, the Director, Cybersecurity has overall accountability for establishing, monitoring, managing, and maintaining the technologies and processes used to secure company information systems, networks and data, in close collaboration with IT, Regulatory Compliance, Risk Management and strategic managed services partners.
Primary Responsibilities and Duties:
•Lead the delivery of Cybersecurity Roadmap initiatives through collaboration with internal IT and external managed services partners.
•Oversee the development and execution of the Incident Response Plan (IRP), ensuring swift and effective response to security events and incidents. Coordinate with internal stakeholders and external partners during forensic investigations.
•Manage endpoint and network security environments including overall health, policy modifications, troubleshooting/resolving issues and producing monthly health metrics for workstations, servers, and identities.
•Analyze and resolve security events/alerts, including:
◦monitoring and management of the SIEM platform
◦managing the logging health of various log sources (e.g., Windows and Linux systems, cloud infrastructure and services, and network and security infrastructure).
•Collaborate with Risk Management, Regulatory Compliance and IT on reviewing and updating Cybersecurity policies, controls and procedures that support NIST compliance, and monthly Cybersecurity Dashboard updates.
•Manage the vendor for penetration testing of external network infrastructure, web applications and API endpoints.
•Support and manage the vulnerability management platforms for infrastructure and application scanning, including:
◦development and maintenance of scanning policies
◦onboarding assets
◦reporting
◦validation and false positive research
◦remediation tracking
◦process improvement
◦Supporting PCI, SOC1/2, HIPAA, and client security assessments. Includes gathering, uploading, and reviewing evidence.
•Strong understanding of cybersecurity frameworks, standards, and best practices.
•Minimum working knowledge of:
◦Incident response
◦Penetration testing
◦Vulnerability management
◦SIEM/log analysis
◦Network security
◦Endpoint security
◦Active Directory
◦Windows/Linux security
◦Email security
◦DLP concepts
Any Graduate