Cyber Security Engineer

The Security Analyst who will be responsible for assuring Information Security and identifying risks related to the use, processing, storage and transmission of information and the systems and processes used for those purposes. In addition, this person will assist in identifying, analyzing, influencing the management of information risks across the organization, and will be involved in the architecting of solutions.

Technologies

• Oversee, manage and provide reporting from the Next Generation Firewalls (NGF)s, Anti-Virus, Malware, Security, Information and Event Management (SIEM), Intrusion Detection / Prevention (IDS/IPS), Domain Name Services (DNS), Vulnerability scanners, and other security solutions that comprise the Security Architecture of the organization.

• Conduct cloud security analysis of Microsoft Active Directory, Office 365 and PCI-DSS. This can include Microsoft’s cloud solutions such as MCAS, PIM, InTune, SharePoint, One Drive, Teams, M365, AD, DLP, AIP and Exchange Online Protection.

• Be the expert in security tools (Azure Security Center, Darktrace, Carbon Black, CyberArk) to assist in detection, prevention, analysis, and remediation of security threats.

• Installation and use of firewalls, data encryption and other security products and procedures.

• Monitor networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior.

Process

• Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls.

• Work closely with the application development team to provide security requirements and confirm their integration within the appropriate phases of the Systems Development Life Cycle (SDLC).

• Partner with infrastructure team on vulnerability assessment and remediation.

• Performing technical health checks for these Cloud platforms/environments prior to broader deployments.

 • Implementation of industry leading practices around O365/EMS cyber risks and cloud security. Acting as a subject matter expert on cloud cyber risk for the Microsoft O365 and EMS platforms.

• Design and develop cloud-specific security policies, standards and procedures e.g., O365/EMS tenant management and configuration, identify management and access control, firewall management, auditing and monitoring, security incident and event management, data protection (DLP, encryption), user and administrator account management, SSO, conditional access controls and password/key management.

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organizations data, systems and networks, following industry best practices (CIS, NIST, PCI-DSS).

• Awareness training of the workforce on information security standards, policies and best practices.

Reporting and Response

• Responding to all system and/or network security breaches. Maintain and update all Incident Response Procedures and Documentation.

• Investigate security breaches

 • Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage

• Conduct periodic network scans to find any vulnerability, provide reporting to IT Management.

• Conduct penetration testing, simulating an attack on the system to find exploitable weaknesses

• Configuration of cloud security and compliance reports.

• Monitor and measure adherence & compliance to the patch management process for operating systems, software applications, firmware, etc., and produce monthly metrics of patching results.

Required

• 5+ years’ technical experience designing, implementing and maintaining security controls and procedures

• Expertise in anti-virus software, intrusion detection, firewalls and content filtering

• Expertise in Cybersecurity tools include Darktrace, Carbon Black, Microsoft ATP.  Experience leading an IT department in security.  Creating policies, leading incident response and internal audits.

• At least 2 years of work experience with incident detection, incident response and forensics required.

• Experience with Firewalls (functionality and maintenance), Office 365 Security, and Endpoint Security.

• Ability to work under pressure in a fast-paced environment.

• Knowledge of risk assessment tools, technologies and methods.

• Great awareness of cybersecurity trends and hacking techniques.

• Strong attention to detail with an analytical mind and outstanding problem-solving skills is required.

• Knowledgeable in designing secure networks, systems and application architectures.

• Planning, researching and developing security policies, standards and procedures.

• Strong communication skills and the ability to collaborate effectively both within IT and across the entire organization.

Preferred

• Proficiency in Python, C++, Java, Ruby, Node, Go and/or Power Shell.

• Disaster recovery, computer forensic tools, technologies and methods.

• Expertise with Endpoint security solutions, including file integrity monitoring and data loss prevention.

• Experience with implementation and audit for Payment Card Industry Compliance.

• Automation security testing tool experience.

Education and Certifications:

• B.S or M.S. in Computer Science or related field.

• At least 5 years of industry experience in an information security function is required.

• Certified Information Systems Security Professional (CISSP) is a plus.

• CISA – Certified Information Systems Auditor (CISA) is a plus.

• CEH – Certified Ethical Hacker (CEH) is a plus.

• CISM – Certified Information Security Manager (CISM) is a plus.

Our benefits program is our investment in you as an important contributor to our success, and we are proud of our highly competitive package.

• Medical Benefits
• Health Savings Account (HSA)
• Medica Value-Added Services
• Virtual Care
• Dental Insurance
• Vision Insurance
• 401(k) Retirement Plan
• 401(k) Matching
• Employee Discount

The Tile Shop is an Equal Opportunity Employer