SCM Engineer

The Senior Cyber Security Engineer and Liaison works with a small team to provide technical expertise to a wide array of IT projects. The individual selected will serve as a liaison between a cyber security center and major IT programs to ensure that new technologies and capabilities are implemented effectively. The senior engineer will work to evaluate new technologies (e.g. social media) to ensure that they are architected to meet security objectives. Frequently, the senior cybersecurity engineer and liaison will provided detailed evaluation of how to securely incorporate new technologies into the customer’s IT capabilities. These recommendations are provided both verbally and in written forms to senior managers so that they can make informed risk-based decisions.
The senior cybersecurity engineer and liaison will also support the continuous evaluation of proposed changes to the customer’s IT infrastructure and capabilities. The senior cybersecurity engineer and liaison will focus on representing the cybersecurity program by providing specialized security expertise to specific programs.
The ideal candidate will have exceptional verbal and written communication skills and a solid understanding of cybersecurity trends and security risks. They also must have a firm understanding of large scale enterprise IT operations. They will also have experience with cybersecurity in the domains of vulnerability management, malware TTP’s, networking protocols, and cyber incident management.

• Represents Company to external and/or internal customers where issue analysis of situations or data requires an in-depth knowledge of organizational objectives.
• Develops solutions to problems of unusual complexity which require a high degree of ingenuity, creativity, and innovativeness. Exercises independent judgment in determining the methods, techniques, and evaluation criteria used in obtaining results.  Challenges are frequently unique and solutions may serve as precedent for future decisions.
• Effects of decisions are long-lasting and heavily influence the future course of the organization. Errors in judgment or failure to achieve results would result in the expenditure of large amounts of company resources.
• Work is performed without appreciable direction. Exercises considerable latitude in determining objectives and approaches to assignment.
• Serves as consultant to management and special external spokesperson for the organization on major matters pertaining to its policies, plans, and objectives.
• Provides technical expertise and professional recommendations, working independently and subject matter experts, to ensure the maximum protection by cybersecurity defenses.
• Prepare and provide written and verbal recommendations for mitigating cyber risks across a wide array of technologies.
• Supports numerous cybersecurity technical capabilities and infrastructure onsite and at several remote locations. Assist in new security tools deployment.
• Document the standard operating procedures for supporting each capability as well as recovering from any system degradation.
• Provide the requisite training on new capabilities and operational practices to other operations team members.
• Provide oral and written recommendations, in sufficient detail, to permit the sponsor to make an informed, independent decision on cyber security and threat related issues.
• Assist the sponsor in clarifying cyber security related policies and procedures, and determining technical solutions for cyber security issues.
• Promote awareness of cyber security related issues among key decision makers and ensure sound security principles are reflected in sponsors visions and goals.
• Provide weekly, or more often as required, updates to Cybersecurity Office management on cyber security related issues impacting sponsor and decisions reached.
• Provide general information security (INFOSEC) support.
• Conduct research pertaining to the latest cyber security threat vectors and technological advances.
• Complete technical and security reviews documenting the vulnerabilities and exposures of varying technologies, and potential mitigating techniques and configurations.
• Assist in the development of and response to Information Technology (IT) security policy.