ETS-Lindgren GmbH
Cyber Security Engineer II
ETS-Lindgren GmbH, Oklahoma City, Oklahoma, United States,
Job Category : Solutions & Implementation EngineersRequisition Number : CYBER002397Apply nowPosted: July 29, 2024Full-TimeLocations
Showing 1 locationMarlborough, MA 01752, USA
Description
We are seeking a Cyber Security Engineer II to join our Cyber Security team in Marlborough, MA. This is an exciting opportunity to apply your security knowledge across a range of strategic initiatives and assessments. This role provides an opportunity to apply your technical skills across various security initiatives while collaborating with IT, engineering, and product teams. You may also have the opportunity to prototype and implement new security tools and technologies. This is a high visibility role requiring an individual who stays on top of the latest security issues and technologies shaping the industry. You will have exposure to emerging trends in areas like cloud, AI security, and critical infrastructure protection. Our environment provides opportunities to translate security concepts into functioning solutions through collaborations with various engineering teams. We welcome passionate candidates to apply even if you meet some but not all qualifications, yet possess core competencies around security assessments, patch management, an understanding of frameworks like NIST, as well as soft skills like communication, analytical thinking, and resourcefulness. This role is based at our Marlborough, MA location, and will report directly to the Cyber Security Manager.ESSENTIAL JOB FUNCTIONSSupport Doble Cybersecurity Solutions including performing weekly patch management process, maintain NERC CIP compliance and SLAs, weekly customer calls, and contribute to sustaining the product enhancement.Assist in security activities within the SDLC including Code Reviews, Threat Modeling, SAST, DAST, & SCA.Responding to security incidents and working with other IT professionals to address and resolve them.Lead Penetration Testing engagements on Doble products such as Web, Thick, and API applications.Conduct periodic security reviews to evaluate the effectiveness of existing security measures.Collaborate with internal and external stakeholders to ensure technology solutions meet security requirements.Staying up-to-date with the latest security threats and trends.Providing training and guidance on security awareness and best practices to other personnel.Take on additional security projects and tasks as needed.EDUCATION:Bachelor’s degree in Cybersecurity, Computer Science, or related field. Master’s degree is preferred.REQUIRED EXPERIENCE:3-5 years’ experience as a security engineer or equivalent.Strong knowledge of one or more of security standards including NERC CIP, NIST CSF, ISO 27001, IEC 62443.Knowledge of the OWASP Top 10, OWASP ASVS, and other security frameworks.Familiarity with security platforms such as Azure, Secureworks MDR, Synk, Knowb4, BitSight etc.Hands-on experience with manual vulnerability testing, exploit development, and static code analysis, using commercial and open-source penetration testing tools like Burp Suite, OWASP ZAP, Metasploit, SQLMap, etc.Excellent analytical and problem-solving skills.Ability to work independently with minimal oversight and within a team environment.Excellent time management, organizational, and verbal and written communication skills.High level of attention to detail and quality of work product.PREFERRED EXPERIENCE (Not Required):2+ years of hands-on penetration testing experience.Relevant security certifications such as OSCP, CEH, CPT, GPEN, Security+.Demonstrated enthusiasm for Information Security (e.g. GitHub repo, blogs, presentations, conference talks, local security association member, participated in free skill-building / hacking challenges – SANS Holiday Hack, HackerOne CTF, HackTheBox, etc.).Knowledge of AI security and generative AI systems.Familiarity with networking protocols and components.Participation in incident response as an analyst or coordinator.Ability to clearly explain complex security issues to leadership.Familiarity with regulatory compliance in Power Industry.Knowledge, Skills & AbilitiesAnalytical skills to diagnose technical problems and investigate vulnerabilities.Attention to detail gathering security requirements and assessing risks.Ability to interpret trends, threat intelligence, and translate findings into actionable strategy.Process knowledge related to compliance, change management and access controls.Excellent communication skills for advising both technical and non-technical groups.Occasional travel up to 10% may be required for this position.Occasional off hours work may be required in instances where customer support and/or security incident response is necessary.PHYSICAL REQUIREMENTS:While performing the duties of this job the employee is often required to stand, sit, use computers, read, write, type, use copy machines, file paperwork, use telephones, and utilize written and oral communication to interact with clients, co-workers, and customers. Reasonable accommodations may be made to enable individuals to perform the essential functions of this job. Must be capable of lifting 30 pounds.Actual base salary offered to the hired applicant will be determined based on their work location, level, qualifications, job related skills, as well as relevant education or training experience.Salary Pay Range Minimum $100,603.37 - Midpoint $125,754.21Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesWe are an Equal Employment Opportunity employer that values the strength diversity brings to the workplace. All qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law, are strongly encouraged to apply.
#J-18808-Ljbffr
Showing 1 locationMarlborough, MA 01752, USA
Description
We are seeking a Cyber Security Engineer II to join our Cyber Security team in Marlborough, MA. This is an exciting opportunity to apply your security knowledge across a range of strategic initiatives and assessments. This role provides an opportunity to apply your technical skills across various security initiatives while collaborating with IT, engineering, and product teams. You may also have the opportunity to prototype and implement new security tools and technologies. This is a high visibility role requiring an individual who stays on top of the latest security issues and technologies shaping the industry. You will have exposure to emerging trends in areas like cloud, AI security, and critical infrastructure protection. Our environment provides opportunities to translate security concepts into functioning solutions through collaborations with various engineering teams. We welcome passionate candidates to apply even if you meet some but not all qualifications, yet possess core competencies around security assessments, patch management, an understanding of frameworks like NIST, as well as soft skills like communication, analytical thinking, and resourcefulness. This role is based at our Marlborough, MA location, and will report directly to the Cyber Security Manager.ESSENTIAL JOB FUNCTIONSSupport Doble Cybersecurity Solutions including performing weekly patch management process, maintain NERC CIP compliance and SLAs, weekly customer calls, and contribute to sustaining the product enhancement.Assist in security activities within the SDLC including Code Reviews, Threat Modeling, SAST, DAST, & SCA.Responding to security incidents and working with other IT professionals to address and resolve them.Lead Penetration Testing engagements on Doble products such as Web, Thick, and API applications.Conduct periodic security reviews to evaluate the effectiveness of existing security measures.Collaborate with internal and external stakeholders to ensure technology solutions meet security requirements.Staying up-to-date with the latest security threats and trends.Providing training and guidance on security awareness and best practices to other personnel.Take on additional security projects and tasks as needed.EDUCATION:Bachelor’s degree in Cybersecurity, Computer Science, or related field. Master’s degree is preferred.REQUIRED EXPERIENCE:3-5 years’ experience as a security engineer or equivalent.Strong knowledge of one or more of security standards including NERC CIP, NIST CSF, ISO 27001, IEC 62443.Knowledge of the OWASP Top 10, OWASP ASVS, and other security frameworks.Familiarity with security platforms such as Azure, Secureworks MDR, Synk, Knowb4, BitSight etc.Hands-on experience with manual vulnerability testing, exploit development, and static code analysis, using commercial and open-source penetration testing tools like Burp Suite, OWASP ZAP, Metasploit, SQLMap, etc.Excellent analytical and problem-solving skills.Ability to work independently with minimal oversight and within a team environment.Excellent time management, organizational, and verbal and written communication skills.High level of attention to detail and quality of work product.PREFERRED EXPERIENCE (Not Required):2+ years of hands-on penetration testing experience.Relevant security certifications such as OSCP, CEH, CPT, GPEN, Security+.Demonstrated enthusiasm for Information Security (e.g. GitHub repo, blogs, presentations, conference talks, local security association member, participated in free skill-building / hacking challenges – SANS Holiday Hack, HackerOne CTF, HackTheBox, etc.).Knowledge of AI security and generative AI systems.Familiarity with networking protocols and components.Participation in incident response as an analyst or coordinator.Ability to clearly explain complex security issues to leadership.Familiarity with regulatory compliance in Power Industry.Knowledge, Skills & AbilitiesAnalytical skills to diagnose technical problems and investigate vulnerabilities.Attention to detail gathering security requirements and assessing risks.Ability to interpret trends, threat intelligence, and translate findings into actionable strategy.Process knowledge related to compliance, change management and access controls.Excellent communication skills for advising both technical and non-technical groups.Occasional travel up to 10% may be required for this position.Occasional off hours work may be required in instances where customer support and/or security incident response is necessary.PHYSICAL REQUIREMENTS:While performing the duties of this job the employee is often required to stand, sit, use computers, read, write, type, use copy machines, file paperwork, use telephones, and utilize written and oral communication to interact with clients, co-workers, and customers. Reasonable accommodations may be made to enable individuals to perform the essential functions of this job. Must be capable of lifting 30 pounds.Actual base salary offered to the hired applicant will be determined based on their work location, level, qualifications, job related skills, as well as relevant education or training experience.Salary Pay Range Minimum $100,603.37 - Midpoint $125,754.21Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesWe are an Equal Employment Opportunity employer that values the strength diversity brings to the workplace. All qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law, are strongly encouraged to apply.
#J-18808-Ljbffr