Cybersecurity Engineer (CMMC)

JOB SUMMARY:
The Cybersecurity Engineer to serve as a subject matter expert in many areas of security, able to describe and document in business terms the impact of security policies, standards, and architecture. This person plays a vital dual role in our organization, with time being spent facilitating our Cybersecurity offering as well as focusing on CMMC Compliance. The Cybersecurity Engineer provides security direction to the business and project stakeholders to ensure that security is a key focus for all projects and new business initiatives, as well as technical expertise on assigned clients, tickets, and CMMC Compliance projects.

ESSENTIAL FUNCTIONS:

• Project engagement during the initiation, requirements, and design stages to ensure that security has been considered and is included into the design at the appropriate level based on the risks
• Security review and design of complex applications and technologies
• Evaluation and maintenance of security system plans and procedures to safeguard internal information systems
• Researching and recommendation/implementation of changes to procedures and systems to enhance security aligned with corporate policies
• Accountable for ensuring that key risks and issues are identified, addressed and resolved in a manner that satisfies the business
• Perform security risk assessments to determine level of security services to include:
• Document Customers Systems

ADDITIONAL RESPONSIBILITIES:

• Monitor assigned tickets and tasks and provide service or escalation as necessary.
• Develop tasks & milestones for security projects.
• Able to translate business and non-functional requirements to establish security controls so that a proper security design can be architected and to document the security solution for communication and publication.
• Demonstrated analytical skills continuously identifies problems, collect or interpret data, establish facts, anticipate obstacles, and develops plans to resolve; strong problem-solving skills while communicating in a clear and succinct manner effectively evaluating information and data to make decisions.
• Proven understanding of the current vulnerabilities, response, and mitigation strategies used in Cybersecurity.
• Experience of designing and incorporating technical security controls that align to NIST 800-171, and/or CMMC.
• Prepared to challenge business and IT colleagues and have the difficult conversations where needed in the interests of the company.
• Demonstrated customer focus evaluate decisions through the eyes of the customer; build strong customer relationships and create processes from the customer viewpoint.
• Able to operate as a highly independent worker and as part of a strong team/collaborative approach.
• Accurately enter and maintain ticket information including notes and resolution.
• Adhere to departmental policies for reporting and managing requests and change controls.
• Maintain daily timesheet and expense report entries and submit them accurately and timely.
• Other duties as required.

TECHNICAL SKILLS:

• Strong background in security architecture including a deep knowledge of IT network security (secure LAN, WAN, vLAN, MPLS, and secure network zoning and restricted network design) and cloud-based technologies.
• Strong background in Network Engineering including a deep understanding of Windows Server architecture, Windows Virtualization, Networking, Backup Solutions, and Disaster Recovery
• Strong background in Microsoft security architecture including a deep knowledge of server and workstation security.
• Ability to troubleshoot server based software issues with:
• Microsoft Windows Server operating systems
• On Premise Microsoft Exchange and hosted Microsoft Office 365
• Microsoft Remote Desktop Services
• Microsoft Hyper-V and VMWare
• Enterprise EDR and MDR solutions
• Enterprise class backup solutions
• Knowledgeable of various server/workstation peripherals such as NAS/SAN solutions.
• In depth knowledge of workstation/server hardware and software troubleshooting abilities
• Strong understanding of networking equipment such as Switches, Firewalls, and Wireless Access Points

EDUCATION, EXPERIENCE, & KNOWLEDGE:

• (5) years working in Information Technology
• (2) years in Cybersecurity
• (1) year in CMMC compliance
• Information Security Qualifications such as CISSP, CISM, CISA, and ISSAP, a plus.
• Certified CMMC Professional (CCP)
• Familiarity with NIST SP 800-171