Cybersecurity Engineer (ZScaler)

  • Morristown, NJ
  • Posted 30 days ago | Updated 30 days ago

Overview

On Site
Depends on Experience
Full Time

Skills

zscaler
INFORMATION SECURITY
CYBER SECURITY
"CLOUD ACCESS SECURITY BROKER"
MICROSOFT DEFENDER
MSSP
CLOUD SECURITY
Network SECURITY
CROWDSTRIKE
SECURITY INCIDENT HANDLING

Job Details

Job Description:

Cybersecurity Engineer III

Morristown, NJ, United States 07960

This role requires a Zscaler SME.

DLP is always key in this group. Data Loss Prevention Program Management/Implementation from a large Enterprise environment. Other key skills are AWS Cloud Security, Network Security, Identity Security, Automation/Reporting Security.

Microsoft Security -

Must have Covid Vax and Must get a flu shot each year (the flus shot is provided by Client)

The College Degree is very strongly preferred.

Other Tech that is relevant: DLP, SIEM, Crowdstrike, Threat Hunting, IBM Qradar and QRoC

Client do not and will not offer full remote. These jobs are 100% onsite for the first 90 days. After that, any combo of 3 days a week onsite. They plan to be hybrid forever. Hours are 8-4 with flex for earlier or later start and end times.

Must be "on call" for a week about every 10 weeks as the entire team rotates this individually.

Must be onsite the first 3 months and then they can work a blended scheduled (Morristown, NJ 2 to 3 days a week).

JOB DESCRIPTION

Overview:

The Cybersecurity Engineer III position requires a seasoned information security professional who is a self-starter, results-oriented, multi-disciplined, and comfortable in leading the implementation of system security solutions in multi-vendor complex healthcare environment. The individual in this role will serve as a senior level Engineer supporting Cyber Security Operations and Engineering efforts from a technical perspective in conjunction with the team. This position is responsible for leading efforts in security research, technical analysis, recommendations, configuration, and administration of systems. This role will also be responsible for defining associated processes and procedures to ensure the protection of information processed, stored, or transmitted in Client computing environments. This position ensures that security design, consultation, and technology governance oversight is provided for various projects and initiatives in an effective and timely manner. The incumbent also assists system users relative to information security matters and undertakes complex projects requiring additional specialized technical knowledge. This position acts as information security liaison to various business units and other corporate entities as well as the Information Services & Support department. Must have extensive experience in developing, implementing, and maintaining an organizational data protection strategy.

Responsibilities:

In depth knowledge of industry standard security technologies, protocols, and best practices. Should have experience in developing and maintaining working relationships both within the organization and with external partners. Demonstrated conceptual, analytical, and innovative problem-solving and evaluative skills, demonstrated ability to understand and apply security controls broadly, including for system, application, and network resources. Strong knowledge and work experience with logical access controls to ensure confidentiality, integrity, and assurance of proprietary information. Knowledge and understanding of business processes and information systems of a healthcare institution a plus.

Excellent interpersonal skills: including the ability to work effectively in a team environment as a participant as well as team leader. Capacity to work independently along with a willingness to follow and/or seek advice/assistance as needed. Excellent time management, organizational and motivational skills.

  • Will focus primarily on the design, architecture, and implementation of Zero Trust networking technologies, specifically Zscaler.
  • Subject matter expert level knowledge of major world-class secure networking platforms such as those offered by vendors like Microsoft and Zscaler, as well as CASB platforms like Microsoft Defender for Cloud Apps and Zscaler.
  • Will maintain secure networking policies & rules and respond to associated events which support compliance to the company s information security policies.
  • Maintain a working relationship with a 247 external cyber security operations center monitoring service (MSSP).
  • Assist in responding to and managing security events. Lead efforts to implement and manage solutions in the areas of virtualization, cloud technologies, data protection, threat protection, and security event monitoring.
  • Lead and/or participate in technical discussions around projects and initiatives that require a security architecture and design component.
  • Develop operational support plan as well as KPIs and other metrics around the technologies implemented specifically those implemented in the cloud or through virtualization platforms.
  • Collaborate with infrastructure architecture, networking, server, endpoint, web and application development teams

Qualifications:

Competencies/Security Technologies

  • Expert level knowledge of Zero Trust Networking technologies from Zscaler. Related certifications a plus.
  • Cloud Security AWS Certifications a plus
  • Virtualization Technologies
  • Network Security
  • Security Information and Event Management (SIEM)
  • Security Incident Handling/Response
  • Computer, Network, and Policy Auditing
  • Experience with Endpoint Security and Endpoint Detection and Response (EDR) Tools i.e., Crowdstrike

Educational/Technical Requirements

  • Bachelor s degree in computer information systems, Computer Science, MIS, Cybersecurity, or related technical discipline desired. Active Cyber Security Certifications will be considered in lieu of a formal degree.
  • 7+ years of direct cyber or information security experience.
  • Experience in a healthcare organization a plus but not required.
  • Equivalent work experience in the Information Technology field may be considered.
  • Will be able to illustrate a consistent and logical pattern of strategic career investments and professional development that have helped them develop the skills and experience required to be an effective Information Security leader.
  • This can include advanced education, industry certifications, professional development, industry thought leadership, and other external interests and pursuits. (I.e., community involvement, philanthropy, etc.)
  • Active certifications from Microsoft, SANS, ISACA and/or ISC2 not required but preferred.