Senior Cybersecurity Engineer: Job Description
The Andrew W. Mellon Foundation ("Foundation") believes that the arts and humanities are where we express our complex humanity, and we believe that everyone deserves the beauty, transcendence, and freedom to be found there. Through our grants, we seek to build just communities enriched by meaning and empowered by critical thinking, where ideas and imagination can thrive. It makes grants in four core program areas (Higher Learning, Arts and Culture, Public Knowledge, and Humanities in Place). The Foundation seeks a Senior Cybersecurity Engineer capable of assuming a wide range of responsibilities in the Information Technology department.
The Senior Cybersecurity Engineer ("Engineer") reports to the Director of IT and collaborates closely with members of the IT staff, including the Manager of IT Infrastructure Operations. The Engineer is responsible for day-to-day cybersecurity tasks of the Foundation's IT protective services, risk management, engineering, analysis, and investigations. The Engineer collaborates with the Foundation's IT Infrastructure outsource providers, Foundation staff, consultants and/or service firms, to maintain the confidentiality, integrity, and accessibility of Foundation technology services. The Engineer oversees and works to improve the Foundation's Security Information and Event Management ("SIEM") competency. The Engineer prototypes, configures, troubleshoots, and maintains an extensive variety of security focused services, products, and equipment that provide technical and administrative controls. The Engineer recommends products or services best suited for the Foundation's cybersecurity needs.
Responsibilities may include, but will not be limited to the following:
Protect, Analyze, and Defend
- Develops unique cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber warning assessments.
- Uses data collected from a variety of cyber defense SEIM tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
- Directly or through collaboration with other staff, consultants and/or managed services, tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
- Identifies, collects, examines, and preserves evidence using controlled and documented analytical and investigative techniques. Investigates, analyzes, and responds to cyber incidents within the network environment or technology services enclave.
Engineer, Operate, and Maintain
- Designs enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes.
- Conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
- Data Analysis: Examines data from multiple disparate sources with the goal of providing new insight. Designs and implements custom algorithms, flow processes and layouts for complex, enterprise-scale data sets used for modeling, data mining, and research purposes.
- Responsible for the management and administration of processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
Governance, Risk Management, BCP, and Evaluations
- Draft, propose, and maintain cybersecurity policies and procedures.
- Maintain the cybersecurity risk register and update annually.
- Monitor routine vulnerability analysis and initiate remedial activities tracking to completion or management acceptance of residual risk.
- Maintain, test, and update IT business continuity plans and disaster recovery plans.
- Conduct prospective, and update as needed, evaluations of all technology and IT services to insure conformance with management requirements and communicate status as needed.
Applicants should possess:
- Minimum of 6 years of professional IT experience, working hands on in a complex, outsourced, enterprise-level technology infrastructure.
- Operations experience in areas of IT security management, familiarity with SOC2 type I and II, NIST, ISO27001 security and similar frameworks.
- Certification(s) in one or more of the following areas: GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), CISA: Certified Information Security Auditor, CEH: Certified Ethical Hacker, CISM: Certified Information Security Manager, or CompTIA Security+.
- Experience in the following platforms, systems, applications and network hardware including: Azure, Windows Server, Active Directory, Exchange, and Office365. Cisco Firepower, Cisco Catalyst. Linux/Centos,TCP/IP, firewall and systems security, network and system monitoring/logging, network switching and routing, Data Loss Prevention (DLP) business continuity and disaster recovery.
- Experience with a hybrid cloud environment (integrating on-premise technology with hosted cloud environment) is highly preferred.
- Interpersonal communications experience (oral and written) with the ability to be accurate, precise and, whenever possible, succinct in messaging about complex problems to be solved and/or work to be completed, taking care not to equivocate or use jargon that might confuse the meaning.
- Ability to demonstrate a creative and innovative approach to their work.
The Foundation is an equal opportunity employer that offers a competitive salary, outstanding benefits, and excellent working conditions.
Candidates should apply by submitting a thoughtful cover letter describing fit for the position together with a resume to: Senior Cybersecurity Engineer. We will consider each response carefully, but contact only those individuals we feel are most qualified for the position.