Senior Cybersecurity Engineer

Job Purpose

The Senior Cybersecurity Engineer plays a pivotal role in safeguarding the organization's digital assets, ensuring compliance with regulatory standards, and fostering continuous improvement in risk management and cybersecurity practices. As a key member of the IT team, this individual will significantly influence the direction of cybersecurity strategies and initiatives from the outset.

Duties and Responsibilities

• Lead the development and implementationof cloud-specific security protocols, ensuring the protection of data across all SaaS applications and Azure cloud services.
• Design and managesecurity strategies that are optimized for a cloud-first environment, focusing on scalability and integration with cloud technologies.
• Conduct security risk assessmentsspecifically for cloud deployments, identifying potential vulnerabilities unique to cloud infrastructure and SaaS platforms.
• Oversee incident responsefor cloud services, ensuring rapid and effective action in the event of a security breach within the cloud environment.
• Simplify and interpretsecurity data from cloud services into actionable insights for stakeholders, emphasizing the unique aspects of cloud security.
• Standardize and enhancecybersecurity operations with a focus on cloud-based tools and services, leveraging the capabilities of Azure for advanced threat protection.
• Collaborate with cloud service providersand business leaders to mitigate risks associated with cloud computing and SaaS applications.
• Drive compliancewith cloud security standards and frameworks, ensuring that all cloud services meet industry and regulatory requirements.
• Develop contingency plansand disaster recovery strategies that are tailored for cloud environments, ensuring business continuity in the face of cloud-specific challenges.
• Maintain a dashboardthat provides a comprehensive view of the organization's cloud security posture, integrating data from both Azure and SaaS providers.
• Ensure alignmentwith CMMC 2.0 standards within the cloud context, adapting the security practices to protect controlled unclassified information across cloud services.
• Pursue CMMC 2.0 certificationwith a focus on cloud services, demonstrating compliance and a strong security stance within the cloud-first manufacturing environment.

Education, Experience and Certifications

• ABachelor's degreein Computer Science, Information Systems, or a related field is required.
• A minimum of5 years of IT experience, with a strong emphasis on cyber security and compliance within cloud environments.
• Relevant security certifications such asCISSP (Certified Information Systems Security Professional)orCISM (Certified Information Security Manager)are highly desirable.
• Experience withcloud security frameworksand a deep understanding of Azure cloud services.
• Familiarity withCMMC 2.0 standardsand experience in guiding an organization through the certification.

Skills and Abilities

• Proficient in compliance standards likeNIST-800, SOC, GDPR, SOX.
• Agile infast-paced environments; adept at managing ambiguity.
• Skilled inMicrosoft Azure cloud infrastructureand security.
• Experienced in implementingNIST-800or similar frameworks.
• Capable of coordinatingthird-party assessments.
• Proficient in draftingpolicies, procedures, and controls.
• Versed inRisk Managementwithin compliance and security.
• Able to jugglemultiple prioritieseffectively.
• Open to additional duties as needed for business operations.

Role Classification and Working Conditions

This is a salaried, exempt-level position. This position typically works in an office environment; and given the nature of our business is also exposed to operations/warehouses/production environments.

Physical/Other Requirements

• Ability to lift and/or move up to 30 pounds.

We are not accepting candidates who require sponsorship for this position at this time.