MKS Instruments • Posted about 1 month ago
Full-time • Senior
Andover, MA
Machinery Manufacturing

About the position

As a Senior Principal member of the MKS Cybersecurity Systems and Operations team, you will support a broad range of security activities including execution, management, and monitoring of security controls. Your contributions in this critical role include vulnerability management, endpoint security, email security, and administration of various security tools and systems, in addition to proactively researching and analyzing the various controls for continuous improvement. You will ensure systems are adequately protected, effectively monitored, and in compliance with corporate policies to continually support and improve the controls and security posture within our IT environment. This includes, but is not limited to, troubleshooting the security infrastructure, supporting monitoring tools, and engaging with business and other IT functions to understand use cases and to deploy and maintain appropriate security tools/solutions. You must understand the high-level principles of cybersecurity and be able to effectively articulate security requirements, initiatives, progress, challenges, and success factors. This position operates on a hybrid model based out of our Andover, MA office. Applicants must reside within a reasonable commuting distance.

Responsibilities

  • Monitor and analyze security vulnerabilities to report risk and trends, develop remediation plans with the responsible parties and report status of remediation activities.
  • Manage cybersecurity system configuration activities, including updates and ruleset development, in coordination with both internal and third-party/managed security services providers.
  • Develop and maintain use cases, rules, and alerts to detect security incidents across various security technologies.
  • Conduct regular tuning and optimization of the various cybersecurity systems to improve detection capabilities.
  • Support investigation and response to security incidents, providing detailed analysis and recommendations related to cybersecurity tools/systems.
  • Stay updated on the latest cybersecurity threats, trends, and technologies.
  • Provide guidance and training to junior team members on best practices and operational functions.

Requirements

  • Degree in relevant field or a significant combination of technical certifications and direct experience
  • One or more professional security-related certifications (e.g., CISSP, CEH, CISA, GIAC, GSIP, GCIH, GCFE)
  • At least 10 years of relevant Information Technology or Cyber Security experience
  • Expert knowledge of security vulnerabilities, threats, and risk mitigation activities for IT infrastructure, security devices, applications, systems and endpoints
  • Direct experience supporting SIEM, EDR, Vulnerability Management, and Email Security technologies
  • Knowledge of networking protocols and hardware configuration (switches, routers, firewalls, wireless controllers, etc.)
  • Ability to analyze security information and data from multiple systems and sources
  • Basic project planning and management skills to complete projects and activities within established goals
  • Ability to work effectively with vendors, staff, management and end users at all knowledge levels
  • Experience supporting global environments
  • Excellent written, verbal and collaboration skills
  • Strong analytical and problem-solving skills
  • Ability to work independently and as part of a team
  • Strong attention to detail and organizational skills

Nice-to-haves

  • Network security control experience including IPSEC VPN gateways, layer 3-7 next generation firewalls, web filters, IPS, IDS, ACLs, DLP, etc.
  • Security Information and Event Management (SIEM) administration and rule development
  • Cloud computing security architecture and controls
  • Network architecture/design (LAN, WAN, VLAN, MPLS, etc.)
  • Remote access methods and controls
  • Identity and Access Management (IAM)
  • Multifactor authentication experience
  • Encryption and certificate/key management
  • Experience with Linux operating systems
  • ERP experience (Oracle, SAP)
  • Experience with scripting and automation (e.g., Python, PowerShell)
  • Experience with US Federal information technology and cyber security standards including NIST 800-171