Senior Cybersecurity Engineer

Senior Cybersecurity Engineer

Job ID: 85770
Location:  Mossville, IL

Duration: 12 months

Looking for 8-10 years of experience with connected assets, embedded systems security experience, SDLC, CI/CD pipelines, Power BI, and a broad understanding of ISO 2701.

Education Requirements:

- Bachelor’s degree with 10+ years of experience  

- Master’s degree with 8+ years of experience

Preferred Certifications:

- Professional information security certification (CISSP, CCSP, CSSLP, GISCP, GPEN, GWEB, etc.)

Required Skills for the Senior Cybersecurity Engineer:

- Ten or more years in information security or solution development/engineering

Experience with relevant industry standards, such as:

- EU-CRA

- ISO 27001

- NIST CSF

- NIST 800-82

- ISA 62443

- OWASP

Experience with a wide variety of information security processes and principles, such as:

- Power BI

- Application architecture and DevOps tooling

- Connected Asset Security

- Developing and deploying services within cloud platforms

- Integration and automation of security into SDLC and CI/CD development processes

- Threat modeling & Risk analysis

- Vulnerability assessment and remediation

- Identity and Access Management standards and best practices

- Defense in depth

- Embedded systems security

- Networking concepts on-prem and cloud

- API & Web services security

Soft Skills Required:

- Effectiveness Measurement: Knowledge of effective measurement techniques and ability to measure the quality and quantity of work effort for the purpose of improvement

- Planning: Tactical, Strategic: Knowledge of effective planning techniques and ability to contribute to operational (short term), tactical (1-2 years) and strategic (3-5 years) planning in support of the overall business plan.

- Analytical Thinking: Knowledge of techniques and tools that promote effective analysis; ability to determine the root cause of organizational problems and create alternative solutions that resolve these problems.

- Consulting: Knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply consulting knowledge appropriately.

- Decision Making and Critical Thinking: Knowledge of the decision-making process and associated tools and techniques; ability to accurately analyze situations and reach productive decisions based on informed judgment.

- Technical Excellence: Knowledge of a given technology and various application methods; ability to develop and provide solutions to significant technical challenges.

- Information Security Administration: Knowledge of information security administration; ability to develop and apply an organization''s information security policies, standards and procedures ensuring the integrity and safety of information.

Preferred Skills:

- Excellent written and verbal communications skills; demonstrated ability to communicate highly technical security concepts to non-security audiences.

- Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively

- Ability to coordinate multiple teams in accomplishing process review and improvement.

- Demonstrated ability in project management and change management.

- Demonstrated ability to develop metrics, perform critical analysis and develop executive decision support content.

Senior Cybersecurity Engineer Overview:

Come work on the IT Digital Technology and Distribution Team as a Senior Cybersecurity Engineer supporting Technology in the Autonomy & Automation (A&A) Business Unit.

- The Autonomy and Automation team is focused on scaling technology solutions in mining, construction, quarry and aggregates and beyond to support customer safety and productivity goals.

- The Senior Cybersecurity Engineer is responsible for providing thought leadership associated to embedding all aspects of cybersecurity into our products, solutions, and services.

- This position will partner with numerous business teams as well as IT around the world to develop, socialize, and drive the execution of strategic and tactical cybersecurity initiatives.

- Strong technical expertise across numerous cybersecurity domains along with modern understanding of information security industry trends are foundational skills required for this position.

Responsibilities:

- Integrate and collaborate with business partners to ensure understanding of key business strategies and challenges.

- Provide cybersecurity expertise and leadership in defining, prioritizing, and executing key initiatives that deliver cyber safe solutions and enable business strategy.

- Evaluate solutions and identify technical and process improvements that deliver alignment with secure SDLC & DevSecOps best practices and Information Security Directives

- Assist in solution architecture development/documentation and perform architecture security reviews.

- Provide technical and process expertise associated with cyber governance, risk, and compliance activities.

- Drive the remediation of known vulnerabilities while developing and executing strategies that deliver operationally sustainable vulnerability management.

- Identify, track, and report key cyber metrics to business unit stakeholders.

- Develop/own documented strategies to address key cyber risk areas.

- Maintain current knowledge on existing security procedures, directives and technology controls including secure application architecture, threat modeling, attack and penetration testing, data classification and data handling.

- Participate in working groups and provide insights into solution development teams on leading architecture, design, and security practices.