Cybersecurity Engineer Job at Teachers Retirement System of Georgia in Atlanta

Job Description

Under general supervision of the Chief Information Security Officer, this position is responsible for developing and supporting cybersecurity solutions, processes, and procedures necessary to protect the confidentiality, integrity, and availability of the organization’s data and cyber infrastructure. This position will implement and manage solutions related to identity management, endpoint and network security, data protection, and vulnerability management; and will research trends and emerging threats related to cybersecurity.

MINIMUM QUALIFICATIONS & EDUCATION

1. Bachelor’s degree in information assurance, computer science or closely related field and three (3) years’ experience working in cybersecurity or IT security.
2. Knowledge of endpoint and network security, attack methodologies (TPPs), incident response, and security assessments.
3. Knowledge of regulatory frameworks, industry standards, and best practices, such as, NIST Special Publications, NIST FIPS, CIS framework, and other cybersecurity frameworks.
4. Knowledge of vulnerability management, Security Operations Center (SOC) practices, and Security Information and Event Management (SIEM) systems.

PREFERRED ADDITIONAL QUALIFICATIONS

1. Five (5) or more years’ experience working in cybersecurity or IT security.
2. Knowledge of cloud environment (i.e. AWS, Azure) security solutions, compliance management, automated testing options, and Cloud Access Security Broker (CASB) solutions.
3. Knowledge of Identity Access Management and Privileged Access Management solutions.
4. Experience conducting comprehensive risk assessments to identify potential threats and vulnerabilities throughout the organization.
5. Knowledge of Public Key Infrastructure (PKI) and certificate management.

ADDITIONAL ELIGIBILITY & QUALIFICATIONS (CERTIFICATES, SPECIAL EQUIPMENT)
It is generally desirable for a person in this position to have a cybersecurity certification, such as Security+, SSCP, CISSP, GSEC, GISP, or other cybersecurity or IT certification.

ESSENTIAL DUTIES & RESPONSIBILITIES

1. Implement and manage cybersecurity systems and tools. Provide support for cybersecurity solutions specific to endpoint security, network security, identity management, data protection, vulnerability management, and risk assessment.
2. Assist with monitoring cybersecurity alerts and ensuring appropriate logs are forwarded to MSSP partners and log management systems. Manage, respond, and resolve security events or indicators of compromise detected by internal systems or MSSP partners. Work with MSSP partners to respond with corrective actions when incidents are detected.
3. Assist with the development and delivery of IT security standards, best practices, and architecture to ensure information system security across the enterprise. Implement processes and methods for auditing and addressing non-compliance of information security standards.
4. Evaluate, recommend, and assist in the implementation of processes and procedures to strengthen the security posture of the organization. Assist with the development and enforcement of policies and plans in compliance with laws, regulations, policies, and standards in support of organizational and cybersecurity activities.
5. Communicate with business owners on cyber risks within the organization. Collaborate with business representatives, system development and business users to provide information security requirements, security solution options and implementation plans.
6. Assist with maintaining documentation related to the organization’s Information Security Program.
7. Continually update cybersecurity knowledge by researching and understanding emerging threats; cybersecurity best practices and standards; participate in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations. Acquire and maintain necessary technical certifications as required.