Gleason-posted 28 days ago
Full-time • Mid Level
Rochester, NY
1,001-5,000 employees

We are seeking an experienced Cybersecurity Analyst to protect our global manufacturing operations, intellectual property, and critical infrastructure. This role is essential in maintaining our security posture across multiple international locations while ensuring compliance with various standards such as NIST, TISAX and CMMC. The ideal candidate will have hands-on experience with enterprise security tools, a strong understanding of manufacturing environments, and the ability to translate complex security requirements into practical controls.

  • Endpoint Detection & Response (EDR): Manage and optimize CrowdStrike Falcon platform across 3,000+ endpoints globally, including configuration, policy management, threat hunting, incident response, and integration with SIEM
  • Next-Generation SIEM Management: Administer and tune the CrowdStrike next-gen SIEM platform, develop correlation rules, create custom dashboards, investigate security events, and coordinate incident response workflows
  • Firewall Administration: Configure, manage, and optimize enterprise firewalls (Palo Alto, SonicWall, Sophos), including rule development, change management, VPN connections, segmentation strategies, and regular policy reviews
  • Identity & Access Management: Administer Azure Active Directory (Entra ID) including user provisioning, conditional access policies, group policies, privileged identity management (PIM), role-based access control (RBAC), and hybrid identity synchronization
  • Multi-Factor Authentication (MFA): Deploy, manage, and enforce MFA solutions across all user accounts and privileged access scenarios, ensuring compliance with CMMC Level 2 requirements for authentication controls
  • VPN Infrastructure: Manage site-to-site and remote access VPN solutions, ensuring secure connectivity for remote manufacturing sites and mobile workforce
  • Microsoft 365 Security: Configure and manage M365 security features including Defender for Office 365, Intune and Purview, Data Loss Prevention (DLP), sensitivity labels, information protection policies, secure score optimization, and compliance center management
  • Implement controls based on NIST SP 800-171 (Protecting CUI in Nonfederal Systems), NIST SP 800-53 (Security and Privacy Controls), and NIST Cybersecurity Framework
  • Ensure industrial control systems (ICS) and operational technology (OT) environments align with NIST guidelines while maintaining production uptime
  • Lead quarterly self-assessments and coordinate with third-party assessors for independent validation
  • Establish and maintain Plan of Actions & Milestones (POA&M) for any identified deficiencies
  • Monitor security alerts from CrowdStrike, NG SIEM, firewalls, Azure AD, and M365 security tools
  • Lead or support security incident investigations, root cause analysis, and remediation efforts
  • Develop and maintain incident response playbooks specific to manufacturing environments
  • Conduct threat hunting activities to proactively identify indicators of compromise
  • Coordinate with plant IT teams during security events to minimize production impact
  • Provide guidance and training for plant IT teams on security monitoring and incident response best practices
  • Perform regular vulnerability assessments and coordinate patch management activities
  • Conduct security configuration reviews of critical systems and network devices
  • Assess cybersecurity risks specific to manufacturing operations, including OT/ICS environments
  • Support penetration testing activities and remediation of identified vulnerabilities
  • Maintain asset inventory and classification in accordance with CMMC and NIST requirements
  • Develop and deliver cybersecurity awareness training for employees worldwide
  • Create role-based training for privileged users handling CUI and sensitive manufacturing data
  • Conduct phishing simulation campaigns and analyze results for improvement opportunities
  • Serve as security liaison for all operations and sites
  • Maintain comprehensive security documentation including policies, procedures, network diagrams, and system configurations
  • Generate metrics and reports on security posture for executive leadership
  • Document security incidents, lessons learned, and continuous improvement initiatives
  • Create and maintain security runbooks and standard operating procedures
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
  • Security+, CISSP, CISM, or GIAC Security Essentials (GSEC)
  • CrowdStrike Certified Falcon Administrator (CCFA) preferred
  • 5+ years of hands-on cybersecurity experience in enterprise environments
  • 2+ years implementing or managing CMMC and/or NIST 800-171 compliance programs
  • Proven experience with: CrowdStrike EDR platform (administration, threat hunting, incident response)
  • Next-generation SIEM platforms (Splunk, Azure Sentinel, LogRhythm, QRadar, or similar)
  • Enterprise firewall platforms (Palo Alto, SonicWall, Fortinet, Cisco ASA/Firepower)
  • Azure Active Directory administration including conditional access and MFA
  • VPN technologies (site-to-site, remote access, IPsec, SSL VPN)
  • Microsoft 365 security and compliance features
  • Experience implementing and administering M365 security and compliance tools including Microsoft Purview for data loss prevention and information protection, and Intune for endpoint and mobile device management
  • Strong knowledge of network protocols, architecture, and security controls
  • Experience with scripting/automation (PowerShell, Python) for security tasks
  • Proficiency with security frameworks and standards (CMMC, NIST, ISO 27001, CIS Controls)
  • Understanding of encryption technologies, PKI, and certificate management
  • Familiarity with cloud security principles (Azure, AWS) and hybrid environments
  • Knowledge of secure software development practices and vulnerability management
  • Excellent analytical and problem-solving abilities
  • Strong written and verbal communication skills for both technical and non-technical audiences
  • Ability to work independently and manage multiple priorities in a fast-paced environment
  • Experience working across time zones with global teams
  • Strong documentation skills and attention to detail
  • Ability to balance security requirements with business operational needs
  • U.S. Citizenship may be required for access to certain systems containing CUI
  • Certified Information Systems Auditor (CISA)
  • CMMC Certified Professional (CCP) or CMMC Certified Assessor (CCA)
  • Microsoft Certified: Security Operations Analyst Associate or Azure Security Engineer Associate
  • GIAC Certified Incident Handler (GCIH) or GIAC Continuous Monitoring Certification (GMON)
  • Experience with manufacturing or critical infrastructure environments preferred
  • Understanding of OT/ICS security concepts and industrial network segmentation
  • Knowledge of ICS/SCADA security standards (IEC 62443, NIST 800-82)
  • Experience with zero trust architecture implementation
  • Familiarity with Purdue Model for industrial network segmentation
  • Previous experience in manufacturing, aerospace, or defense industries
  • Understanding of data classification and information protection programs
  • Experience with security orchestration, automation, and response (SOAR) platforms
  • Excellent benefits package including a 6% Company 401(k) match
  • Flexible scheduling
  • Tuition Assistance Program
  • Employee Assistance Program
  • Formal and informal development opportunities
© 2024 Teal Labs, Inc