DEC is looking for a Cybersecurity Engineer who will be responsible for the development and day-to-day management of DEC’s information security program. This candidate should be familiar with designing, building, and defending scalable, robust, and secure network systems. This is a hands-on technical role with tasks such as reviewing logs, network traffic, managing vulnerability management program, endpoint security and updates, firewall maintenance, reviewing and writing policies, and assisting with vulnerability and penetration testing activities. This role will report to the Information Security Manager and will work closely with the Technology Department to help support DEC maintain all its security objectives.
RESPONSIBILITIES & AUTHORITIES
Within the limits of established policies, budgets and legal requirements, assumes responsibility and has commensurate authority as delegated by the Information Security Manager for the performance of the following activities:
1. Monitor and provide primary support and response for all security tool findings and alerts or any other observed abnormal activity. This includes on-premise, remote, and field-based security incidents.
2. Deploy, manage and maintain all information security systems and their corresponding or associated firmware/software, including but not limited to firewalls, security tools and appliances, intrusion detection systems, cloud services, and endpoint security software.
3. Research and help implement tools to assist in the detection, prevention and analysis of information security threats.
4. Help develop and contribute to a set of information security standards and best practices for the organization, including incident response, disaster recovery, governance, risk, and compliance focus areas.
5. Provide support to help ensure regulatory compliance is maintained.
6. Help support and grow DEC’s information security education, training, and awareness program. Must be comfortable presenting and publicly speaking to internal staff.
7. Conduct periodic vulnerability scanning and coordinate with a third party to conduct annual penetration testing. Summarize and report all findings to the Information Security Manager.
8. Assist with disaster recovery and business continuity planning exercises, testing, and execution.
9. Work with existing and future DEC vendors and partners to ensure security standards are maintained and 3rd party risks are being appropriately managed.
10. Research and make recommendations on appropriate emerging information security products, services, procedures, etc. to help reduce organizational risk.
11. Remain up-to-date on cybersecurity news, notable incidents, vulnerabilities and updates, and relevant industry information.
12. Create periodic information security reports, reviews, and presentations.
13. Provide primary on-call support for information security incidents.
14. Perform other duties as assigned by the Information Security Manager or CIO.
1. Bachelor’s degree in Computer Science, Cybersecurity, Information Security / Assurance, or comparable degree.
2. 3-5 years of relevant information security experience.
3. High level technical knowledge of network security, operating systems, application security, hardening activities, and security defense in depth strategies.
4. Hands-on experience selecting, supporting, and maintaining cybersecurity products and services (such as firewalls, endpoint protection, SIEM, etc.)
5. Experience with security event handling, including remediation, documentation, and communication.
6. Possess a functional understanding of cyber risks and defenses (MITRE ATT&CK) and security control frameworks.
7. Experience managing identification and access management (IDaM) systems, such as Active Directory, Azure, and other user or role-based access control systems
8. Experience planning, researching and developing security policies, standards and procedures.
9. Knowledge of disaster recovery, incident handling, technologies and methods.
10. Knowledge of risk assessment tools, technologies and methods.
11. Exceptional analytical, conceptual, and problem-solving abilities.
12. Strong written and oral communication skills.
13. Strong interpersonal and consultative skills.
14. Ability to conduct research into emerging technologies and trends, standards, and products as required.
15. The aptitude for troubleshooting complex technical and security issues.
16. Ability to communicate security issues to peers and non-technical individuals.
17. Able to prioritize and execute tasks.
18. Ability to work in a team-oriented, collaborative environment both on-site and virtually.
19. CompTIA Security+, CEH, GISF, SSCP or a comparable certification is preferred.
20. Willingness to continue professional development through training, certification, and/or relevant educational opportunities.
OTHER SKILLS & ABILITIES
The ability to analyze data, to notice discrepancies and to take corrective measures to assure accuracy. The aptitude for troubleshooting in a computer-oriented area. Must be able to make decisions promptly in situations involving stress. Must be able to read and understand technical and instructional manuals. Must be able to work independently with minimal supervision. Ability to effectively prioritize and execute tasks in a high-pressure environment. Strong interpersonal skills, oral communication skills, and proven analytical and problem-solving abilities. Strong understanding of the organization’s goals and objectives. Strong customer service orientation. Must be able to make judgment decisions to plan logical sequence of steps, prepare flow charts, and develop programs for current needs which will be compatible with computer system growth and change. Skill in motivating people is necessary.
CERTIFICATES, LICENSES & REGISTRATION
Must possess a current a current, valid driver’s license recognized by the State of Delaware.
DEC offers a competitive starting salary and excellent benefits.
How to Apply!
Step 1: Fill out a special Indeed job questionnaire HERE.
Step 2: Fill out the general Co-op application HERE.