Cybersecurity Engineer

About The Position

Requirements

• Bachelor’s degree in computer science, Information Systems, or equivalent education or work experience
• 4+ years of prior relevant experience
• Hold Cybersecurity certifications (Security+, SSCP, GSEC, CRISC) and/or specific training and certification in security risk management and IT controls frameworks, such as NIST 800-39, 800-30, 800-53, or CSF.
• Strong written and verbal communication (technical + non-technical audiences)
• Project and initiative ownership
• Attention to detail with an audit and risk mindset
• Critical thinking and problem-solving
• Ability to mentor and uplift team members
• Comfortable operating both independently and as part of a team
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Deep understanding of networking (TCP/IP, ports, protocols, OSI model, traffic flows)
• Hands-on experience with log analysis, threat investigation, and incident response
• Experience with vulnerability management platforms and remediation workflows
• Proficiency with security tools such as: EDR / MDR, SIEM (engineering, tuning, and use cases), IDS/IPS, Endpoint and network forensics tools
• Strong understanding of modern security architecture (identity, cloud, endpoint, network)
• Experience supporting or operating security monitoring and detection capabilities at scale
• Must possess mobility to work in a standard office setting and to use standard office equipment, including a computer, stamina to maintain attention to detail despite interruptions, strength to lift and carry [computer equipment weighing up to 20lbs]; vision to read printed materials and a computer screen, and hearing and speech to communicate in person and over the telephone.

Nice To Haves

• Bring a strong GRC foundation but can translate governance requirements into real technical controls
• Have hands-on experience with NERC CIP or regulated environments
• Can independently drive risk, compliance, and security improvement initiatives end-to-end
• Naturally operate as a technical leader and mentor, even without formal direct reports
• Balance strategic thinking with hands-on execution

Responsibilities

• Design, implement, and maintain enterprise-grade security solutions aligned with regulatory requirements and frameworks (e.g., NIST, NERC CIP)
• Operate with a high degree of independence, driving security initiatives end-to-end from design through implementation
• Monitor, detect, and respond to cyber threats and vulnerabilities across IT and OT environments
• Lead or support incident response activities, ensuring timely containment, remediation, and documentation
• Maintain and improve incident response playbooks, runbooks, and tabletop exercises
• Conduct risk assessments, vulnerability scans, and remediation tracking, focusing on measurable risk reduction
• Track emerging threats and translate threat intelligence into improved detections and controls
• Perform and support security validation activities, including penetration testing and control testing
• Translate GRC requirements into practical technical controls and sustainable processes
• Support and enforce security policies, standards, and procedures, ensuring audit readiness
• Contribute to and evolve security architecture across identity, network, cloud, and OT environments
• Collaborate with IT and business teams to embed security into systems and operations
• Implement, tune, and optimize security technologies (SIEM, EDR, IDS/IPS, etc.)
• Analyze logs and alerts to identify and investigate suspicious activity
• Support implementation of data protection and encryption controls
• Prepare and maintain security documentation and audit artifacts
• Support third-party risk management and vendor security reviews
• Provide technical guidance and mentor team members, acting as a deputy when needed
• Promote a culture of security awareness and continuous improvement
• Support security of OT/ICS environments, including SCADA systems and NERC CIP-aligned controls

Benefits

• Medical, Dental, Vision, and Prescription Drug Insurance
• Company-Paid Life Insurance
• Flexible Spending Account (FSA)
• Wellness Programs and Incentives
• 401(k) Retirement Plan & Company Match
• Paid Time Off – Sick & Vacation Time
• Paid Holidays