IT Data Security Engineer

Job Overview

The IT Cyber Security Engineer - Data serves as a leader to develop and implement strategies, best practices, and education programs to safeguard company data, computer assets, networks, and information from cyber threats. Cyber strategies will also be engineered to be compliant with all government regulations. Typical responsibilities include continual assessment of existing strategies, assessments of new technologies, and recommendations of new strategies, and execution of projects to mitigate security gaps. The role will also mentor cyber analysts and internal IT development teams. Evaluate controls to make sure they are still solid, strategies; more senior-level role.

Duties & Responsibilities

• Develops and enforces data security strategies and controls to ensure the confidentiality, integrity, and availability of sensitive information across all systems and platforms, including structured and unstructured data repositories.
• Monitors the health of existing cyber controls, assesses gaps, and recommends improvements to policies and strategies, including risk and cost assessments
• Performs product evaluations as necessary
• Designs user training programs and communication strategies
• Designs and coordinates implementation on cyber security projects to achieve desired risk mitigation results
• Conducts penetration testing, simulating an attack on the system to find exploitable weaknesses, and monitors networks and systems for security breaches
• Coordinates closely on any other additional CAAS testing projects- SOX, PIAA, and PCI
• Works cross-functionally with vendors internally and externally
• Develops strategies to respond to and recover from a security breach, leads incident response, including steps to minimize the impact, and then conducting a technical and forensic investigation
• Develops and maintains security architecture standards and best practices in the development of new solutions and onboarding of new vendor solutions
• Mentors IT development teams on security best practice

Knowledge, Skills, & Abilities

• 2 to 5 years of cyber security engineering experience
• Experience must include familiarity with applicable NIST information security documentation
• Proven ability to design and implement data security controls and encryption strategies to protect sensitive information across databases, cloud environments, and enterprise applications.
• 1+ years of this functional experience must have included securing and evaluating information management systems, security design
• 3+ years of working experience in the following:
  • Hands-on experience identifying, exploiting, and remediating Network and Application based attacks
  • Network auditing and monitoring, including SIEM experience
  • Active Directory
  • Cloud security (AWS, Azure)
  • Experience recommending, communicating, and tracking remediation of IT Threats

Minimum Qualifications

• 2 years of education beyond high school in college or technical school
• Knowledge acquired through 5 to up to 7 years of work experience
• At least five years of experience in the IT field
• Certification Requirements: Preferably one of the following security-related certifications:
  • CISA – Certified Information Systems Auditor (CISA)
  •  CEH – Certified Ethical Hacker (CEH)
  • ISSAP – Information Systems Security Architecture Professional (ISSAP)
  • ISSEP – Information Systems Security Engineering Professional (ISSEP)

Preferred Qualifications

• A two year degree or equivalent experience (Associates)
• Four year degree (Bachelors)

Work Environment

Office Environment

4 days in office, 1 day remote 

South Park, Charlotte

#LI-AF1