Cybersecurity Specialist Job at Guardian Fueling Technologies LLC in Jacksonvill
Guardian Fueling Technologies LLC, Jacksonville, FL, US
Job Description
Job Overview:
We are seeking a proactive and experienced Cybersecurity Specialist to join our IT security team. The Cybersecurity Specialist will be responsible for protecting the organization's computer systems, networks, and sensitive data from cyber threats. You will play a crucial role in identifying vulnerabilities, implementing security measures, monitoring for potential threats, and responding to security incidents. The ideal candidate will possess a strong technical background in cybersecurity, a deep understanding of security frameworks, and the ability to work collaboratively with other teams to maintain and improve the security posture of the organization.
Key Responsibilities:
- Threat Detection & Incident Response:
- Monitor security systems, networks, and applications for signs of potential breaches or security threats.
- Investigate and respond to security incidents, including unauthorized access attempts, malware infections, or data breaches.
- Conduct root cause analysis to identify vulnerabilities and recommend mitigation strategies.
- Develop and execute incident response plans to minimize impact and recover from security events.
- Security Infrastructure Management:
- Implement and maintain security tools, such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, encryption systems, and endpoint protection solutions.
- Collaborate with system administrators and IT teams to ensure secure configurations of servers, databases, and applications.
- Manage and monitor access control mechanisms, including multi-factor authentication (MFA) and role-based access controls (RBAC).
- Risk Assessment & Vulnerability Management:
- Conduct regular risk assessments and security audits to identify potential vulnerabilities in the IT environment.
- Perform vulnerability scanning and penetration testing to proactively detect weaknesses in networks, systems, and applications.
- Work with stakeholders to prioritize and remediate identified vulnerabilities and security gaps.
- Assist in ensuring compliance with relevant security standards and regulations
- Security Policy & Compliance:
- Develop, update, and enforce security policies, procedures, and best practices to safeguard the organization's data and IT infrastructure.
- Stay current with emerging security threats, technologies, and industry trends, and ensure the organization’s security policies remain up to date.
- Ensure the organization complies with security regulations, laws, and industry standards through regular audits and assessments.
- Security Awareness & Training:
- Provide cybersecurity training and awareness programs to employees to foster a security-conscious culture.
- Educate staff about phishing, social engineering, safe data handling practices, and other security best practices.
- Develop and distribute security documentation, guidelines, and alerts to employees as needed.
- Collaboration & Reporting:
- Work closely with IT and operations teams to align security practices with business objectives and regulatory requirements.
- Prepare and present regular reports on security activities, incidents, and overall risk posture to senior management.
- Participate in security-related projects and provide guidance on security considerations for new technologies and system implementations.
Qualifications:
- Education:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent work experience).
- Experience:
- 3+ years of experience in cybersecurity or information security roles, with a strong understanding of security operations and risk management.
- Hands-on experience with security technologies, such as firewalls, IDS/IPS, SIEM tools, endpoint protection, and encryption.
- Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).
- Experience with vulnerability scanning tools (e.g., Nessus, Qualys) and penetration testing tools (e.g., Kali Linux, Metasploit) is preferred.
- Technical Skills:
- Proficiency in network security concepts (e.g., VPNs, firewalls, intrusion detection systems).
- Strong understanding of common attack vectors and techniques, such as phishing, SQL injection, ransomware, and DDoS attacks.
- Familiarity with cloud security and securing cloud-based infrastructures (AWS, Azure, Google Cloud).
- Experience with scripting and automation tools (e.g., PowerShell, Python) for security tasks is a plus.
- Familiarity with endpoint security solutions and identity/access management (IAM).
- Certifications (Preferred):
- Certified Information Systems Security Professional (CISSP).
- Certified Ethical Hacker (CEH).
- CompTIA Security+ or equivalent cybersecurity certifications.
- Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) is a plus.
- Soft Skills:
- Strong analytical and problem-solving skills, with the ability to think critically under pressure.
- Excellent communication skills, with the ability to explain technical concepts to non-technical stakeholders.
- Detail-oriented with the ability to prioritize and manage multiple tasks in a fast-paced environment.
- Ability to work independently and as part of a team.