Cyber Security Specialist

**Job Title:** Cyber Security SpecialistAbout the Role:

This is a unique opportunity to join our dynamic team as a Cyber Security Specialist. As a key member of our security team, you will play a crucial role in maturing our IT and OT Security organization.

You will be part of a global security team that provides support for all areas of Information Security. A successful candidate will have experience with and/or strong interest in becoming a subject matter expert in multiple Security disciplines.

These include Zero Trust Architecture, Application and Cloud Security, IAM and/or Data Protection/DLP. Additionally, you will be a point of escalation for investigating and remediating potential threats.

You will continuously be apprised of emerging technologies, threats, attacks, and countermeasures and recommend enhancements based on industry best practices.

Your Key Responsibilities:

• Design, document, test, maintain, and provide issue resolution recommendations for security solutions related to Zero Trust tools, secure software development, cloud, access, authentication/directory services, email, and/or endpoint security.
• Work with various departments to design, implementation, and maintain IAM policy.
• Contribute to the development and maintenance of Zero Trust Architecture and SASE tools.
• Partner with Dev teams to define, execute, and continuously improve our secure software development processes.
• Partner with IT and Product teams to assess, document and develop Cloud Security best practices.
• Participates in security incident response activities, conducts technical investigation of security-related incidents and conducts post-incident digital forensics to identify causes and recommend future mitigation strategies.
• Identifies security vulnerabilities/issues, performs risk assessments, and evaluates remediation alternatives.
• Contributes to the development and maintenance of information security architecture.
• Collaborates with other IT teams such as infrastructure and application development in the protection of the company's IT assets including network, servers, applications, and 3rd party service providers.
• Contributes to the development of ongoing information security policies and procedures, and ensures such policies and procedures are put into practice in the day-to-day operations of the company's technology environment.

Requirements:

• Solid understanding of IAM, SASE, SSDLC, SIEM/SOAR, EDR, EPP concepts.
• Knowledge of Cybersecurity architectures and methodologies (OWASP, Github Advanced Security, Azure DevOps, Zero Trust, NIST, Defense in depth, Kill-Chain, etc.)
• Familiarity with Secure Cloud Architecture, Vulnerability Management, and Incident Response.
• Knowledge of Data Loss Prevention (DLP), Data Protection, and Disaster Recovery.
• Familiarity with network/security (IDS/IPS, firewalls, DNS, DHCP)
• Technical knowledge of Microsoft and Linux.

Preferred Qualifications:

• Cyber Security certifications.
• 5-10 years of IT industry experience with 3-5 years of those in a role directly related to information security and IT compliance disciplines such as app security, cloud security, IAM, DLP, SASE, etc.
• Strong subject matter expertise in one or more of technical disciplines such as IT infrastructure, applications development and/or information security.
• Familiarity with information security disciplines such as privacy protection and data loss prevention.
• Strong experience in managing cybersecurity incidents and event response.
• Awareness of industry standards such as ISO, NIST as they relate to information security and protection of privacy.
• Experience with NERC-CIP standard and polices a plus.
• Experienced in executing privacy compliance initiatives in response to global privacy regulations such as GDPR and LGPD would be an asset.
• Knowledge of national and international regulatory compliances and frameworks such as ISO, NIST, and SOX.

About Us:

We offer equal employment opportunity without regard to race, color, gender, age, creed, sex, religion, national origin, disability, marital status, citizenship, ancestry, sexual orientation, gender identity and gender expression, or any other legally protected status.

Contact Information:

Please note that we do not disclose contact information for this position.

Seniority Level:

Associate

Employment Type:

Full-time

Job Function:

Engineering and Information Technology

Renewable Energy Equipment Manufacturing

---