IT SPECIALIST - SR. IT SPECIALIST - Cybersecurity

Southwest Research Institute•San Antonio, TX

36d•Onsite

About The Position

Cybersecurity Operations' mission is to secure the enterprise by evaluating, implementing, and operating a full suite of tools and services. We are responsible for configuring, engineering, administering, and supporting network and endpoint security systems. Operations include firewalls, intrusion prevention and incident response as well as security orchestration and automation. As part of the Cybersecurity team, the candidate will be part of the technology assessment and implementation process as well as operations and response, candidates will engage in the full security system lifecycle.

Requirements

Requires a Bachelors degree in Cybersecurity, IT Operations, or related degree with relevant experience. In lieu of a degree 5 years of Cybersecurity and/or IT administration experience and related certifications.
3 years: Relevant Cybersecurity and/or IT administration experience with a Bachelors degree.
3-7 years: Experience working with incident response and/or network security platforms such as Endpoint Protection, Threat Intelligence, Security Orchestration Automation and Response.
3-7 years: Experience with administration of modern operating systems (e.g.- Windows Server, Windows Desktop and Linux).
Experience with network fundamentals (TCP/IP, Vlans and network subnetting) as well as scripting, development, and utilizing application programing interfaces (API).
A valid/clear driver's license is required.
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Applicant must be a U.S. citizen.

Responsibilities

Provide cybersecurity analysis and support in an Enterprise environment.
Deploy, configure, and maintain security applications.
Maintain and provide continuous security configurations of cybersecurity infrastructure.
Research, recommend, evaluate, and deploy new cybersecurity technologies and capabilities.
Participate in daily review of alerts and incident response (IR) activities.
Effectively document system configurations, findings, and results of IR activities.
Monitoring and maintaining Endpoint Protection and Response (EDR) and Security Orchestration, Automation and Response (SOAR) systems, Enterprise Vulnerability Management and Penetration Testing programs.
Monitoring and maintaining Next Generation firewall systems and policies and L3/L7 Load-balancing and Web Application Firewall (WAF).
Support and management of Privileged Access Management (PAM) solution.
Participate in the support and management of the Enterprise Security Information Event Management (SIEM) solution to include advanced reporting, data analysis and correlation.
Participate in the support and configuration of the security for Microsoft O365 Entra ID cloud services.