Cyber Security Analyst Engineer Jobs in Cass, Texas

Familiarity with IT ticketing or case management solutions

Bachelor’s degree in computer science or a related field, or equivalent experience

A minimum of 1 year of experience in the IT field or a college degree in a relevant discipline

Experience in one or more monitoring zones such as endpoint, network, application, web, cloud, or database

Strong problem-solving and technical skills

Knowledge of networking, endpoint security, cloud security, database security, or documentation

Identify, report, and document security vulnerabilities and weaknesses in the organization's security posture.

Relevant industry certifications such as OSCP, GPEN, CEH, or similar.

Proven experience in offensive security, penetration testing, or red teaming.

Excellent problem-solving and analytical skills.

Strong written and verbal communication skills.

Ability to manage multiple projects and priorities simultaneously.

• Strong project management skills.

• 5+ years in vulnerability management or information security reporting functions

• Develop relationships with sectors to resolve aging critical vulnerabilities on assets within Citi.

• Lead regular forums with stakeholders to drive remediation of vulnerabilities.

• Experience with leading a small team.

o SQL scripting and advanced Excel skills

Health coverage for medical, dental, vision

401(K) saving plan with company match AND Pension

PTO for community volunteer programs

Employee discounts (membership, insurance, travel, entertainment, services and more!)

Developing the proprietary intelligence platform by surfacing new modules, capabilities and features

Investigative and analytical problem-solving skills

Knowledge of analytical tools, including excel

Monitoring and analyzing threats targeting customers, or issues in their digital exposure, in order to produce actionable intelligence alerts and reports

Investigating intelligence sources, threat actors, attack tools and techniques

Joining meetings with prospects and clients to present deliverables

Firewall Analyzers-Fire wall browsers, Skybox.

Data integrity monitoring - Splunk

Endpoint Protection - McAfee AV

Payment Card Industry Data Security Standard Compliance(PCI DSS)

Payment Systems & Card Security

Required Knowledge, Skills, and Abilities

· Basic project management skills

Preferred Knowledge, Skills, and Abilities

· Scan systems for vulnerabilities, validate mitigating controls, and report identified risks

· CEH or equivalent certification

· Two years direct cybersecurity experience or five plus years in a related field

Master’s Degree, Information Systems, Information Technology, Information Technology Security, Computer Science, Management Information

Candidate must possess at least one of the below certifications, others may be substituted depending on experience

Previous experience in information technology or security (System Administration or Help Desk)

Strong communications skills, both written and oral

CASP+ CE – Comptia Advanced Security Practitioner – Continuing Education

·Additionally, member must possess at least one active certification from the required certifications listing below.

Technical skills in Linux and Windows server management as well as training in ACAS or HBSS is a requirement

Good understanding of vulnerabilities, how vulnerabilities are detected and mitigated, how to rate the risk associated with an emerging vulnerability

For Benefits Information, click http://hrweb.mit.edu/benefits

Demonstrated ability to create and contribute to teams in a collaborative and constructive manner

Understanding of classified Cloud or DevSecOps tools, processes, and infrastructure strongly preferred

Ability to obtain and maintain a government security clearance

Education: Technical Training, Certification(s) or Degree**Specific degree requirements (if applicable, remove if position does not require a degree)**

Required Skills and Abilities: **Other specific skills or competencies (communication, problem solving, etc.)**

Professional growth opportunities including paid education and certifications

**Add relevant responsibilities and describe why work is meaningful**

** Specify how they will use relevant skills or technologies in the role**

Required Technical Skills: **Specific skill sets required**

Monitors and tracks all NERC CIP compliance activities using compliance management software.

Supports all phases of NERC CIP reliability audit activities, which includes responses to self-certifications, spot checks, and annual audit activities.

3 years of experience configuring, maintaining, and troubleshooting any of the following: SCADA/EMS, digital control systems (DCS), networks or server infrastructure.

3 years of experience designing, configuring, and maintaining cyber security controls.

Knowledge of bulk electric system concepts.

Knowledge of power system operations concepts.

Develop procedures and capabilities for conducting cybersecurity risk assessments using adversarial techniques, incorporating offensive cyber and advanced post-exploitation skills.

Professional growth opportunities including paid education and certifications

Experience planning, conducting, reporting on Offensive Cyber Operations (OCO) and Cyber Red Team engagements.

Interpret, analyze, and report security vulnerabilities and anomalies identified during assessments incorporating in comprehensive technical reports.

Required Technical Skills: Offensive Cyber Operations, Red Team Engagements, Penetration Testing, Initial Access, Post-Exploitation Activities and Data Exfiltration

Preferred skillsets: AI/ML, SCADA, programming (C, C++, Golang, Rust), scripting (bash, Python, ruby), penetration testing, reverse engineering, exploit development, forensics

Have a strong security mindset and have the desire to expand your knowledge and qualifications in information security

Developing reporting and remediation strategies for vulnerabilities/misconfigurations identified in the enterprise devices or websites

2-4 years of working experience in an engineering security role

4-6 years of working experience in an engineering security role

Experience with cloud security architectures/services (specifically in AWS)

Experience with security tools like NIDS, SIEM, EPP, EDR, NDR,PAM, CASB, etc.

Experience with Security Information Management Tools (ArcSight).

Any other duties as requested by the Contracting Officer Representative and SOC management.

In addition to required education or equivalent experience;

CISSP and/or SANS/GIAC Certification (equivalent to two year experience).

Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations.

Minimum six (6) years of relevant professional experience.

Maintain knowledge of the cybersecurity capabilities of operating systems, networking devices, control systems, and vendor offerings.

Basic understanding of cybersecurity principles and general knowledge of cybersecurity technologies, as well as industry recognized certifications.

General knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved in both.

Maintain a basic knowledge of current and emerging state-of-the-art computer and network systems technologies, architectures, and products.

Maintain a working knowledge of applicable cybersecurity standards involving control systems, including those relating to process networks.

General knowledge of control systems utilized by utilities, manufacturing, oil and gas, transportation, smart buildings, and cities.

Work on time sensitive compliance requirements, including performing reviews, user training, and submitting required documents for management review or third-party attestation

Research security enhancements and make recommendations to management

Experience with IT regulatory compliance requirements associated with any of the following HIPAA, HITRUST, SOC 1/2, SOX, PCI

Work with the security team to perform tests and uncover network vulnerabilities

Fix detected vulnerabilities to maintain a high-security standard

At least three years of experience in computer systems with some specialization in computer security.

Enterprise Mission Assurance Support Service (eMASS) to process Risk Management Framework (RMF) related artifacts and workflows.

Minimum of 2 years’ experience as a cybersecurity professional required, 5 years' experience as cybersecurity professional desired.

Eligible for a DoD privileged user account on a TS/SCI information system IAW DoD 8140/8570.01-m requirements

Work closely with the System Administrators to maintain the system's security and accreditation status on NIPRNet, SIPRNet and JWICS networks.

Ensure implementation of security measures by conducting security reviews and system tests.

Implement site procedures for marking, handling, controlling, removing, transporting, sanitizing, reusing, and destroying media/equipment used for classified information.

Experience with Access Management models in multiple standalone configurations or in wide scoped heterogeneous information systems.

Advance knowledge and experience in cybersecurity frameworks such as NIST, ISA/IEC 62443, NERC, CSF, CIS, and MITRE Att&CK.

Experience performing threat modeling and security review to assess new designs and security requirements for new technologies.

Working closely with Senior Management and System Owners and other Stakeholders to advise and address cybersecurity concerns.

Strong verbal and written communication skills across technical and non-technical audiences, solid team player, with demonstrated abilities in analysis and problem-solving.

Sr. level cyber security incident response experience and skills.

Minimum of 3 years of experience in an Information Security role conducting information security investigations and related responsibilities

Demonstrated understanding of business processes, internal control risk management, IT controls, audit and related standards

Produce, manage and maintain risk and compliance documentation

Bachelor’s degree (must be from an accredited institution) in Information systems or business related major or equivalent experience required

Security+ Certification or the ability to become certified within 1 year required

Effective interpersonal, written and verbal communication and relationship-building skills

Experience with Network, application, S-SDLC implementations as well as Operating Systems security controls

Key responsibilities include, but not limited too:

Implementing and analyzing the results of bi-monthly penetration tests, design reviews, source code reviews and other related tests.

Understanding of Cyber Security Frameworks (such as NIST, ISO, CIS, SOC, etc..)

Cyber Security Analyst - Pennsylvania - $120,000 - Industry Leading Pharmaceutical Firm

Exciting Cyber Security Analyst opportunity with a leading Pharmaceutical company based in Pennsylvania.

Participating in the change management process

Testing and identifying network and system vulnerabilities

A degree in computer science, IT, systems engineering, or related qualification

2 years of work experience with incident detection, incident response, and forensics

Experience with Firewalls (functionality and maintenance), Office 365 Security, VSX, and Endpoint Security

Strong attention to detail with an analytical mind and outstanding problem-solving skills

4+ years of Cybersecurity experience with the requirements listed under “technologies.”

Experience with the skills listed under “technologies” is what they’ll be looking for vs. certain tools.

Research, draft and edit policies in support of management and security standards.

Support the installation, integration, maintenance, and security of building management systems.

Assist in the day-to-day management of services providers.

Solid understanding of the fundamentals of computer networking and threat management.

Strong Experience with Okta access control and identity management platform.

Prepare and present reports on the status of the firm’s information security posture to management and other stakeholders.

Develop, implement, and maintain information security policies, procedures, and guidelines in accordance with industry best practices and regulatory requirements.

Continuously monitor and analyze the firm’s networks and systems for potential security vulnerabilities, threats, and incidents.

Implement and manage security tools, such as firewalls, intrusion detection systems, encryption, and endpoint security solutions.

Compliance with all applicable regulations and industry standards, including SEC, FINRA, and other regulatory requirements.

2. Risk Assessment and Management

1. IDIQ Force Area 1 : Cybersecurity, Information Assurance, and Risk Management Services

14. Writing and manage test case/scripts/plans

Type of Contract: Professional Services

Department: United States Department of Agriculture (USDA), Rural Department (RD)

1. USDA Rural Development, 1400 Independence Ave SW, Washington DC, 20250

Effective problem-solving skills and requirements gathering techniques.

Assesses new security technologies to determine potential value for the enterprise. Continuous education and research into new and emergent cyberattack methodologies.

Develop, maintain, and manage policies and plans related to cybersecurity.

Bachelor’s degree in data science, engineering, computer science or related field or equivalent industry training and certifications.

3 to 5 years of experience as a security analyst or related position.

Technical knowledge of enterprise-class technologies such as firewalls, routers, switches, wireless access points, VPNs, and desktop and server operating systems.

Knowledge of incident and problem and change management

Good customer service and relationship management skills.

Application Support experience on a unix platform OR Unix System administration experience who is looking to move into Application Support.

Has experience in Application support

Experience supporting a security product

Familiarity with command prompt, including bash or sh or csh.

• Familiarity with Identity Management (IDM) concepts

Identify potential security vulnerabilities and risks and collaborate with relevant teams to implement appropriate remediation measures.

• Minimum of 2 years of cybersecurity experience

• Certifications such as CompTIA Security+, CISSP, and CEH are a plus

Conduct regular audits and assessments of security controls to ensure compliance and established security policies, standards, and regulations.

Monitor security systems and tools to detect and respond to security incidents and breaches promptly.

MINIMUM REQUIRED EDUCATION AND/OR FORMAL TRAINING, YEARS OF EXPERIENCE, COMPETENCIES, SKILLS AND/ORSPECIFIC KNOWLEDGE

Participating in the change management process.

Testing and identifying network and system vulnerabilities.

Experience with Firewall Security, Cloud Security, Web Applications, Email Gateways, SIEMS and Endpoint Security.

Solid understanding of the OSI model and renowned ports and services (may not be a requirement, but is often preferred)

Strong attention to detail and problem-solving skills

Knowledge of patch management with the ability to assist in deploying patches in a timely manner while understanding the business impact

Document security breaches, assess/analyze to determine impact/scope of the incident and report to management.

Complete Attestation of Compliance on regular basis. Create a plan of action and manage the execution. Provide regular reports to management.

Assist with vulnerabilities scanning and fixes.

Knowledge of firewalls, proxies, endpoint protection

2+ years of experience in cyber security

120k - 160k and negotiable based upon meeting experience and requirements

Work with system and application administrators to address detected vulnerabilities

Deploy and use platform and application vulnerability scanning tools to detect vulnerabilities, assess risk and recommend mitigation activities

Experience with writing bash pearl and/or python scripting

Have 3 to 5 years of experience troubleshooting systems/networks in a large enterprise environment

Have 3 to 5 years of experience deploying and maintaining 2-Tier and 3-Tier applications

Maintain DR/IR plan runbooks management and support forensic investigations.

Review and manage user and user groups AD access and privileges.

Maintain risk register and manage remediation plans.

Partner with desktop team to deploy and manage FIDO keys for end users.

Review external penetration test and lead/manage remediation efforts.

Hands-on experience with cyber training and awareness is required.

Experience in anomaly detection, data analytics, data leakage, policy development, behavior analytics and log management.

Hands-on experience with UEBA tools (Ex. Securonix, SNYPR etc.) especially in policy and content development, log ingestion, case management and workflows.

Lead design and deployment of solution, manage data ingestion, implementing new functionality to meet business requirements.

Cloud, Networks, Databases, Cryptography, Identity & Access Management, Proxies etc.

Responsible for enabling and maintenance of all data sources and feeds to support the operational requirements of platform and downstream needs.

Manage service parameters around operational incidents and SLAs in partnership with platform service provider/vendors.

Identify security gaps and assess vulnerabilities that could impact the organization’s assets

Manage the expectations of senior-level customers and facilitate presentations/briefings as needed

Conduct reviews and assessments of planning, requirements, design, construction, testing, and implementation deliverables

2 to 5 years of experience in Professional Services at a cybersecurity vendor, SOC/IR experience, or a combination of the two

Familiarity with industry cybersecurity tools to gather and review data and mitigate vulnerabilities

Hands-on experience with any of the following types of technologies: Forescout, Tenable, Axonius

Issue Management; Triage issues to accurately assess and capture them within the GRC tool.

Risk Management: Identify, assess, monitor, and report risks with minimal supervision.

At least 3 years of professional experience in Governance, Risk, and Compliance.

EST or PST candidates only.

Data Security Governance: Conduct data security assessments.

We are seeking a Security Risk /GRC Analyst professional to fill this role.

Conduct thorough assessments of software applications, networks, and systems to identify security vulnerabilities and weaknesses.

Collaborate with cross-functional teams to prioritize and address vulnerabilities based on potential impact and risk.

Provide detailed reports outlining vulnerabilities, including their potential impact and recommendations for remediation.

Stay updated with the latest security threats, attack vectors, and industry best practices to identify and address emerging vulnerabilities proactively.

Participate in designing and implementing security measures to prevent future vulnerabilities.

Collaborate with external partners, vendors, and researchers to exchange information about vulnerabilities and security trends.

1+ years of this functional experience must have included securing and evaluating information management systems, security design

Knowledge acquired through 5 to up to 7 years of relative work experience

5 to 7 years of cyber security engineering experience

Experience must include familiarity with applicable NIST information security documentation

Hands-on experience identifying, exploiting, and remediating Network and Application based attacks

Network auditing and monitoring, including SIEM experience