Grinnell Chamber

Cyber Security Eningeer

Full time
Posted: 11/23/2022
Grinnell, IA
Human Resources

Description

Are you ready for your next adventure? As Cyber Security Engineer at 2nd Adventure Group/Brownells, you will participate on a multidisciplinary team and will directly contribute to the execution of the company’s technology transformation strategy and cloud architecture. Additionally, you will lead the design and implementation of security controls around on-premises, hybrid, and cloud-based applications, across all types (including Infrastructure, Platform, and Software as a Service - IaaS/PaaS/SaaS).

The Cyber Security Engineer will coordinate the response activities for cyber security incidents across all 2nd Adventure Group businesses. You will be at the front line of detecting, monitoring for and responding to cyber security incidents. You will play a crucial role in defending the enterprise network from potential and active threats. The ideal candidate is agile, willing to learn and able to think outside of the box to operate effectively in a dynamic threat landscape. We are seeking someone who is a thought leader, willing to mentor and coach others, to drive the operational and strategic growth of the organization.

 

Benefits You Will Enjoy

  • Competitive Salary
  • Generous Paid Time Off
  • Health, Dental, and Vision packages to fit your needs
  • Additional voluntary supplemental insurance plans
  • Fully-vested 401(k) company match
  • Tuition Assistance Program
  • Career Pathing Program
  • “At cost” employee discount
  • Full range access at our Big Springs Shooting Complex
  • Opportunity to work alongside people who are passionate about adventure and the outdoors!

 

What You Will Do

Main Duties & Responsibilities

  • Design and develop security solutions for cloud and hybrid cloud-based systems
  • Work with third-party security partners/vendors performing security assessments of cloud platforms
  • Execute cloud security engagements from assessment to design and implementation
  • Troubleshoot and resolve complex security issues
  • Conduct security risk management activities, produce related security risk management information, and advise the engineering team and key stakeholders on the security-relevant impact of threats and vulnerabilities
  • Act as security incident handler for cyber security incidents and advanced attacks in accordance with security incident response process
  • Provide response for security events, including but not limited to, intrusion detection, malware infections, denial of service attacks, privileged account misuse and network intrusions
  • Understand and execute the full Incident Management Lifecycle to identify and improve preventative security controls and security incident detection capability
  • Perform analysis of logs from various security controls, including but not limited to, firewall, proxy, host intrusion prevention systems, endpoint security, and application and system logs, to identify possible threats to network security
  • Provide leadership and guidance to the appropriate teams to improve and enhance cyber security prevention, detection, and response capabilities
  • Utilize a variety of cloud-based and on-premises security tools and techniques to proactively analyze suspicious events, network anomalies and other potential threats to determine validity, impact, scope and recovery options
  • Create and maintain system documentation for security event processing
  • Expand the usage of security monitoring tools to improve the security of the environment based on business use cases or changes in threat landscape, root causes from security incident response, or output from security analytics

 

Requirements

Education & Experience

  • Minimum 5 years of relevant experience
  • AA/AS degree in related field is preferred, however additional relevant experience may be substituted
  • Experience with Cloud platforms such as Amazon Web Services (AWS), Azure, Google Cloud Platform, O365
  • Experience with IT Systems Architecture/Infrastructure
  • Strong background in Operating Systems and their architectures, including Windows and Linux
  • Experience with threat monitoring procedures
  • Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies

 

Certification in one or more of the following areas is desired but not required: Certified Information Security Professional (CISSP), Certified Cloud Security Professional (CCSP), GIAC Security Essentials Certification (GSEC), Certified Ethical Hacker (CEH)

 

Knowledge & Skills

  • Demonstrable knowledge of threats, attacks, logs, operating systems, and security technology (firewalls, anti-malware, proxies, etc.)
  • Knowledge and understanding of cyber risks and security issues in cloud-based and on-premises environments
  • Knowledge of cyber security techniques, platforms and technologies (Enterprise Antivirus, IDS, deep packet inspection and host/network threat analysis)
  • Knowledge of networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), system administration and/or security architecture
  • Knowledge of security tools, frameworks, and security best practices such as: NIST CSF, ISO2700 and regulatory requirements including PCI
  • Automation Skills (PowerShell and/or Python, Java, or a similar language)
  • Excellent verbal and written communication skills
  • Strong troubleshooting skills
  • Ability to work well both independently and in a highly collaborative environment
  • Ability to manage multiple priorities in a high-pressure environment

 

Physical Demands

Sedentary work. Sedentary work involves lifting no more than 10 pounds at a time and occasionally lifting or carrying articles like docket files, ledgers, and small tools. Although a sedentary job is defined as one which involves sitting, a certain amount of walking and standing is often necessary in carrying out job duties. Jobs are sedentary if walking and standing are required occasionally, and other sedentary criteria are met.

 

Physical Hazards – Health and Safety Concerns

  • General office environments
  • Ergonomics

 

Where You’ll Be Located

Grinnell, Iowa (with options for hybrid working arrangements)

 

Copyright 2022 Grinnell Area Chamber of Commerce. All Rights Reserved