Cybersecurity Engineer

The National World War II Museum Inc•New Orleans, LA

About The Position

The National WWII Museum is currently seeking a Cybersecurity Engineer. The Cybersecurity Engineer is responsible for the day-to-day execution and continuous improvement of the National WWII Museum’s cybersecurity program, including security monitoring, vulnerability management, incident response, and implementation of security controls. This role serves as the technical owner of cybersecurity controls and the primary escalation point for security incidents, operating with delegated authority from the Vice President of Information Technology. Working closely with IT teams, the Cybersecurity Engineer translates security priorities into practical, effective technical protections that reduce risk and strengthen the organization’s overall security posture. The role operates under the strategic direction and governance of the Vice President of Information Technology and ensures alignment with industry standards and best practices, including the NIST Cybersecurity Framework. Unlike an analyst role focused primarily on monitoring and reporting, this position is responsible for the engineering, implementation, and continuous improvement of the Museum’s security controls.

Requirements

3–7 years of Experience operating in a multi-site or hybrid environment with a mix of on-premises and cloud infrastructure
Demonstrated ability to translate technical risk into business-relevant language for non-technical stakeholders
Demonstrated experience designing, implementing, and improving security controls, not only monitoring or reporting
Hands-on experience with: Endpoint Detection & Response (EDR) platforms, Vulnerability scanning and remediation workflows, Identity & Access Management, MFA, and Conditional Access and Windows operating systems and network security fundamentals
Proven ability to lead technical incident response, including containment and remediation
Experience working directly with infrastructure and application teams to reduce risk
Familiarity with the NIST Cybersecurity Framework and modern security best practices
Strong troubleshooting, documentation, and communication skills
Self-motivated and able to work independently or within a team environment.
As needed, be willing to work a flexible schedule that may extend outside of the typical 40-hour work week, including weekends and evenings, to complete tasks and meet deadlines.

Nice To Haves

Experience with cloud security (Microsoft Azure or similar platforms)
Familiarity with security automation, SOAR concepts, or scripting (PowerShell, Python, etc.) for security operations
Exposure to SIEM or centralized logging platforms
Security certifications (Security+, CySA+, SSCP, or similar)

Responsibilities

Monitor and triage security alerts from endpoint protection, identity platforms, and logging systems
Investigate and respond to security incidents in coordination with IT Infrastructure
Maintain incident documentation and post-incident remediation tracking
Operate routine vulnerability scanning across servers, endpoints, network devices, and supported systems
Testing, identifying, and remediating system and network vulnerabilities through continuous vulnerability management
Prioritize findings based on risk, exploitability, threat intelligence, and business impact, and document accepted risk where remediation is deferred
Coordinate remediation with Infrastructure and Application teams
Track vulnerabilities through closure
Own endpoint security tooling health, configuration, and tuning
Enforce MFA, Conditional Access, and service account hygiene
Ensure security controls are consistently implemented across endpoints, servers, networks, and cloud services
Lead privileged access reviews and remediation
Partner with Infrastructure to improve network segmentation and reduce lateral movement
Lead firewall rule review, validation, and documentation
Ensure secure configuration of kiosks, AV systems, and operational technology where feasible
Designing, implementing, and upgrading security measures to protect organizational data, infrastructure, and networks
Expand log coverage to support investigation and compliance needs
Ensure logs are retained and accessible for incident analysis
Support SIEM-lite or centralized logging improvements
Translate NIST-aligned requirements into operational controls
Participate in tabletop exercises and recovery testing
Recommend improvements based on threat intelligence and incident trends
Contribute to risk assessments, security metrics, and executive reporting
Assist in maintaining cybersecurity policies, standards, and technical procedures
Participating in the change management processes to ensure new systems and changes meet security requirements before deployment
Perform other duties as assigned.

Benefits

Medical insurance – 2 plan options; Museum pays 75% of premium
Dental and vision insurance
Flexible spending account
401(k) – Museum matches 50% of employee contribution up to 6%; employer contribution full vested after 3 years of employment
Life insurance and AD&D - $15,000 policy employer paid; additional life and AD&D available
Long term disability insurance
Paid vacation and sick leave, 10 paid holidays per year
Free parking
Tuition assistance and professional development
Employee assistance program