PDS Tech Inc Cybersecurity Operations Engineer in Melbourne, Florida
The Cybersecurity Operations Engineer is responsible for the oversight of cybersecurity for operational environments. The role is ultimately responsible for ensuring the secure development, implementation, and ongoing operations as part of the overall security program. The role will bring not only leadership but also technical expertise mentoring team members and driving objectives to completion. This role will also work closely with the Digital Services Platform Director and the Product Security Officer to fulfill the key responsibilities.
Essential Functions / Key Areas of Responsibility
• Provide support for the implementation and ongoing support of security monitoring and alerting systems that are part of the Cybersecurity Operations Center (CSOC).
• Ensure the effectiveness of the operational vulnerability management process. Support and coordinate the remediation of high risk, complex vulnerabilities across operational and development teams.
• Support audit and compliance efforts impacting operations such as PCI and SOC2. Support other audit and compliance efforts such as GDPR.
• Oversee the technical approach to applying cybersecurity to ground infrastructure. Determine that appropriate controls are in place via periodic assessment and testing. Identify and engage operations teams for needed remediation.
• Support ground infrastructure teams and design authority teams in identifying and complying with cybersecurity requirements impacting ground-based applications.
• Develop and monitor KPIs related to operational cybersecurity. React accordingly when KPIs or other indicators represent unacceptable operational risk.
• Develop and maintain policies and standards in conjunction with production IT and DevOps teams.
• Ensure cybersecurity alignment with IFEC Engineering and Services teams for operational security. This includes collaborating with engineering development teams when there are operational aspects.
• Conduct ad-hoc testing of the operational environment to assess and communicate the level of risk, and manage assignment and tracking of remediation. This includes internal and external penetration testing, phishing testing, etc.
• Interface with users of technology, employing a high degree of tact and diplomacy to promote a positive image of the Production IT department.
• Manage multiple high-priority initiatives in a fast-paced, highly technical environment.
• Remain on-call during off-peak hours to respond to issues.
• Directly contribute to a multiyear business roadmap and drive adoption on new tools, techniques, and technologies to improve value and impact of the overall security program.
• Establish, maintain, and report metrics to accurately track the current state of security operational performance.
• Work with and manage various security solutions and 3rd party partners on risk assessments, vulnerability scans, penetration testing, incident management, and threat intelligence (SIEM, IDS, Vulnerability Management, Antivirus, Firewalls, and other tools)
• Oversee and maintain all required cybersecurity compliance programs (PCI, SOC2, MPAA, GDPR, CCPA).
• Manage change and demonstrate adaptability by embracing change and adjusting priorities as business needs dictate
• Investigate, document, and report on security issues and emerging threats.
• Support and participate in the research, evaluation, design, and testing of technology solutions to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software, liaising with appropriate teams as needed.
• Interact effectively with all levels in both verbal and written professional communication.
Minimum Requirements: Skills, Experience & Education
• Bachelor’s degree or 12+ years of relevant experience.
• 3+ years of professional experience in an Operations Center.
• Experience in Incident Response as a team member in investigations of network intrusion in an enterprise environment.
• Extensive experience with multiple SIEM and log aggregation technologies.
• Extensive experience in threat hunting, malware analysis, log reviews, and memory analysis.
• High-level understanding of networking concepts and protocols (LAN, WAN, DNS/DHCP, TCP/IP, SSL, SFTP, SMTP, VPN, etc.).
• Strong understanding of information security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX), and General Data Protection Regulation (GDPR).
• High-level understanding of security concepts such as Identity & Access Management, Network Security, and Application Security.
• Understanding of threat vectors as well as exfiltration techniques.
• Understanding of the Software Development Life Cycle and DevOps principles.
• Familiarity with cloud security principles and practices as they relate to Security Operations and Incident Management.
• Knowledge of relevant legal and regulatory requirements as well as privacy laws.
• Master’s degree in a related field.
• CISSP, GCIH, CISM, or other related certifications.
• Strong experience in Amazon and Microsoft cloud environments.
All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.