The Villages
Senior Cyber Security Engineer
The Villages, The Villages, Florida, United States, 32162
Within the spirit of "Making People's Dreams Come True", this position is responsible for focusing on all aspects of security, regulations, and compliance related to our business and our clients. These duties are accomplished while delivering Raving Fans customer service to both internal and external customers.
Full Time, On Site Position
Competitive salary based on experience: Starting at $74,900
Benefits for full-time eligible positions: Medical (HSA/FSA), Dental, and Vision | 401K and/or ROTH | PTO & Paid Holidays | Basic Life & AD&D | The Villages Charter School eligibility | and much more!
Responsibilities:
Cyber Security Operations
Proactively monitor and respond to threat indicators or incidents with Security Operations Center (SOC) software and tools including but not limited to: anti-virus, vulnerability management, Intrusion Detection and Prevention Systems (IDS/IPS), Security Incident and Event Monitoring (SIEM), Data Loss Prevention (DLP), and threat intelligence systems.
Perform threat and vulnerability assessments (physical and virtual) to ensure that systems are protected from known and potential threats (datacenter, cloud, network, server/desktop, BYOD, IoT, etc.).
Research detected threats and evaluate additional IOCs via malware analysis, sandboxing, VirusTotal, etc. to further investigation and mitigation.
Create documentation of new and existing system designs for compliance with security standards and best practices.
Research, recommend, evaluate, document, and implement cyber security solutions that identify and/or protect against potential threats and respond to security incidents.
Stay informed about current and emerging threats to general technology and specific threats to The Villages or its customers through research and testing.
Develop and document methods of proactively detecting/mitigating threats using threat intelligence, honeypots/traps, IDS, etc.
Continually evaluate, test, and recommend new tools and security products to protect systems in the ever-changing threat landscape.
Review, recommend, document, and implement Active Directory Group Policy security best practices.
Work closely with the Network division to monitor and investigate security-related issues originating from Network division tools or reviews.
Work closely with the Security and Compliance Administrator to achieve cohesive forensic analysis and incident reporting.
Incident Response
Provide 24x7 access for incident response, including log review, data collection, SOC tool research, and forensic capture of system information.
Work with law enforcement, as required, to meet submission or reporting requirements.
Communicate with legal representatives of customers when required.
Provide post-incident security reports detailing available information concerning the attack, possible avenues of compromise, remediation actions, and any recommendations for preventing future attacks of a similar nature.
Provide Tier II support to our Server Operations Engineers and Field Engineers.
Use our current ticketing system to keep track of work items, SLAs, priorities, documentation of work performed, and follow-up with our customers.
Communicate with appropriate people using the most effective medium whenever there is an issue or possible outage of service. This includes notification when an issue or outage has been resolved.
Promptly advise the Director of Cyber Security of any issues that affect our delivery of services to our customers.
All other duties as assigned.
Education & Experience Requirements:
Associate degree (A.A.) or equivalent; and/or five (5) years of related experience and/or training; or equivalent combination of education and experience.
At least one of the following Microsoft certifications or current equivalents required: MTA, MCSE, MCSA, or MCITP.
At least one of the following or equivalent required: CompTIA Security+, GIAC Security Essentials, CEH, CISSP, CISM.
Ability to demonstrate and apply understanding of the following: web content filters/proxies, email security capabilities, IDS, IPS, SIEM, DNS security practices, advanced log analysis, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, anti-virus capabilities, Linux/UNIX command line, and access control lists.