Senior Cybersecurity Engineer

#1 Cochran is seeking a capable senior level IT System Engineer to join our cybersecurity team, who enjoys overcoming cybersecurity challenges and possesses both deep and wide expertise in the space. This is a technical position and the individual in this role will assist senior IT Management in meeting our strategic goals of protecting sensitive data held by the company.

The IT Cybersecurity Engineer will serve as a subject matter expert, helping to establish and maintain cybersecurity governance, devising and implementing protective measures across internal and external systems, advising management on recommended investments, and serving a key role in the company’s response to potential security incidents and the mitigation of cyber threats. This individual will be responsible for project activities in the cybersecurity area to ensure they are completed safely and timely, balancing cost and quality factors.

This individual will mentor and guide junior cybersecurity-oriented staff, as well as manage the company’s general cybersecurity awareness training efforts.

The successful candidate will possess proven, team-oriented communication, analytical, and problem-solving expertise, and have a mix of technical, customer service, and collaboration skills. A self-starter with a proven, proactive approach to project and operational service level delivery, they are driven by a passion for technology, helping people, continuous self-improvement, and a positive, can-do attitude.

• Engineer, implement and monitor security measures for the protection of computer systems, networks and information
• Conduct proactive research to analyze security weaknesses and recommend appropriate strategies
• Participate in the configuration and troubleshooting of cybersecurity tools and infrastructure, including but not limited to, anti-virus and EDR systems, mail and web filtering systems, authentication systems, mobile device management, patching, and asset management systems.
• Identify and define system security requirements
• Design computer security architecture and develop detailed cyber security designs
• Develop best practices and security standards for the organization
• Prepare and document policies, standards, operating procedures, and protocols
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Ensure timely response to security incidents
• Perform security assessments of suppliers, and participate in responding to security audits required by government agencies, industry groups, and public and private companies
• Manage cybersecurity awareness training efforts for the company
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Mentor and guide junior cybersecurity-oriented staff

• 5+ years of work experience in the cybersecurity industry with at least 2 years in an intermediate or senior level engineering role
• Technical understanding of common risk areas in network infrastructure, Windows server and workstation operating system security, web related technologies (Web applications, Web Services, Service Oriented Architectures) and email infrastructure
• Familiarity with network/web related communication protocols and architecture
• Familiarity with one or more common cybersecurity frameworks such as NIST, ISO
  2700x, SOC2, PCI, etc
• Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
• Experience with using security monitoring and vulnerability assessment tools. Experience working with MDR suppliers is considered a plus
• Thorough understanding of the latest security principles, techniques, and protocols for security incident response
• Proven experience with systems planning, security principles, and general IT management best practices. ITIL experience is considered a plus
• Experience developing and updating internal processes and procedures
• Has a proven, proactive approach to project and operational service level delivery metrics
• Problem solving skills and ability to work under pressure
• Exceptional organization and time-management skills, with keen attention to detail
• Ability to work well in a team-oriented, collaborative environment.
• Ability for periodic travel to company locations within Pennsylvania, Ohio, and West Virginia via both company and personal vehicle(s). A valid state issued driver's license is required, along with a vehicle maintained in good condition.

A bachelor's degree in information science, computer science, engineering, cybersecurity, or a similar field is preferred, though additional professional experience may be substituted in place of formal education.

Cybersecurity certification(s) is preferred.