Cybersecurity Engineer

You will be responsible for designing, implementing, and managing comprehensive cybersecurity solutions to protect against potential threats and vulnerabilities. This role is a contract role supporting a 1-year leave coverage.

• Design and implement operationally ready, best practices security solutions (tools and services) to mitigate security threats and risks that may impact the business.
• Areas of security concentration may include: SIEM and security events, network, systems, infrastructure, cloud, operations, identity and access management, endpoint, vulnerability management, etc.
• Work with vendors and internal teams as needed to ensure any outstanding issues are resolved appropriately in a timely manner.
• Administer and manage security tools as needed.
• Evaluate new and emerging security products and technologies.
• Research and execute technology refresh according to product roadmap and industrial best practices.
• Participate as technical security subject matter expert when participating in projects and incident response activities as required.
• Conduct technical assessments and research of computer related security incidents, including malware analysis, fraud detection packet level analysis, and system level forensic analysis to ensure the continuing development of security protection technology as it relates to defending and protecting RH and its customers.
• Assess severity levels of security threats (e.g., incidents, vulnerabilities, malicious code) and coordinate the appropriate notifications or escalations in a timely manner.
• Act as an escalation point to provide technical guidance to Security Operations when processing any complicated user requests.
• Assess, document and implement mitigation strategies for vulnerabilities discovered that may impact the company.
• Administer and monitor security profiles, review security violation reports and investigate possible security exceptions, update, and maintain and document security controls.
• Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.
• Support team and vendors to gather external project requirements and develop secure solution to support business needs and to provide security review and certification to ensure best practice and quality delivery of all technical solution that meet security requirements.
• Prepare status reports on security matters to develop security risk analysis scenarios and response procedures.
• BS in computer science or similar technical degree or 2+ years’ working experience in IT technical field.
• 6+ years’ IT security engineering experience or a non-technical degree with 5+ years’ security engineering experience. CISSP preferred
• Experience with one or more SIEM platforms is required.
• Security related technologies and solutions (firewalls, IPS, WIDS, WAF, SIEM, DLP, RMS, vulnerability scanner, web proxy, endpoint security, etc); Network security experience is a plus.
• Ability to provision and support cloud computing infrastructure using one or more Infrastructure-as-Code (IaC) technologies, such as Terraform or CloudFormation.
• Ability to interact and communicate with customers of varying levels of expertise.
• Adaptability and demonstrates good judgment.
• Ability to communicate business process to technical resources.
• Ability to write simple queries and reports.
• Ability to communicate technical information to non-technical users.
• Ability to create simple process flow diagrams or flowcharts that demonstrate business or system security process flow.
• Ability to prioritize job responsibilities.
• Knowledge of security systems software.
• Ability to work to a project plan, meeting established deliverables and timelines.
• Ability to use good judgment and think outside the box in addressing unique information security challenges.
• Ability to gather requirements and create assessment plans.
• Ability to think independently and in team setting to ensure security issues are addressed in a manner consistent with security principles in mind