Description

We are seeking a seasoned Cybersecurity Engineer/Analyst to help strengthen and mature our organization’s security posture. This role will be responsible for implementing, managing, and optimizing a wide range of endpoint, perimeter, and cloud security technologies, as well as performing hands-on analysis of alerts, incidents, and vulnerabilities.

The ideal candidate is proactive, detail-oriented, and skilled at both the technical and strategic aspects of cybersecurity. You’ll work cross-functionally with IT, Infrastructure, and GRC teams to identify risks, design mitigations, and ensure alignment with security best practices and compliance standards.

Responsibilities

PRIMARY RESPONSIBILITY: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Maintains hardware, software and network firewalls and encryption protocols. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions and isolates, blocks and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems.

Required Experience and Skills

• Configure, maintain, and optimize endpoint and perimeter security solutions such as DLP, EDR, email gateways, SIEM, web filters, and SASE technologies.
• Example tools: Forcepoint, Palo Alto Prisma, Digital Guardian, ZScaler, Cyberhaven, SentinelOne, CrowdStrike, Mimecast, Proofpoint, Abnormal, and Splunk.
• Analyze security logs, alerts, and telemetry from SIEM and other security systems to detect anomalies and potential threats.
• Support cloud and network security initiatives, including configuration and management of CSPM and CASB technologies across platforms such as Zscaler, CrowdStrike, SentinelOne, and Proofpoint.
• Identify and assess risks and vulnerabilities and recommend actionable steps to improve the organization’s overall security posture.
• Define, implement, and enforce access control and conditional access policies following security best practices and least privilege principles.
• Collaborate with IT, security, and business units to develop and implement security strategies aligned with industry frameworks and organizational goals.
• Investigate and respond to security incidents, performing root cause analysis and developing response and mitigation procedures.
• Complete work in ITSM tools such as ServiceNow or Jira.
• Partner with Governance, Risk, and Compliance (GRC) team members to enhance and maintain risk management, compliance, and governance processes.

Desired Experience and Skills

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.
• Minimum 3 years of experience in IT, cybersecurity, or a related technical field.
• Proven experience with security configuration, monitoring, and management across tools such as ZScaler, Cyberhaven, SentinelOne, CrowdStrike, Proofpoint, Mimecast, and Splunk.
• Strong understanding of IT access provisioning, termination processes, and identity governance.
• Familiarity with security risk management and compliance frameworks (e.g., NIST, ISO 27001, CIS).
• Strong analytical and problem-solving skills with meticulous attention to detail.
• Excellent written and verbal communication and ability to work effectively across teams.
• Demonstrated ability to work independently and collaborate in a cross-functional environment.
• Experience with GRC tools or platforms (e.g., Archer, OneTrust, ServiceNow GRC) is a plus.
• Industry certifications such as CISSP, CISM, CEH, GIAC, or Security+ is a plus.
• Experience with cloud security and zero trust architecture.
• Exposure to security automation, scripting (Python, PowerShell), or API integrations between tools.