The Cyber Security Engineer is responsible for performing all phases of the security technology lifecycle including technical requirements, architecture, design, implementation, maintenance, and monitoring. The position is responsible for security operations including log analysis, vulnerability assessments, and threat analysis. The engineer will also be responsible for design, implementation and adherence to cyber security policies and processes across the organization.
Responsibilities and Duties:
Develops and maintains security policies and procedures that ensure all systems follow regulatory security standards and compliance.
Responsible for all aspects of cyber incident management from detection, through to remediation and lessons learned.
Develops and maintains the Incident Response Plan including procedures for incident response, forensic investigation, and mitigation of security events.
Provides information security guidance across IT operations and new projects.
Directs information security investigations, ensuring that evidence is collected in an admissible manner.
Identifies, assesses, and drives process around emerging security threats and vulnerabilities that could affect the organization and users of its information.
Conducts security risk assessments.
Other duties as assigned.
Required Abilities and Skills:
In-depth technical knowledge of web security, network security, security protocols and cryptography.
Demonstrable ability to identify vulnerabilities, anticipate threats, and use a practical approach to reduce the likelihood or impact of a breach.
Understanding of cloud security, specifically AWS and Azure.
Excellent communication skills, articulate, organized, diligent and pragmatic.
Education and Experience:
Bachelor’s degree or equivalent degree and at least 5-7 years’ relevant work experience; or an equivalent combination of education and experience.
Recognized security qualifications such as SSCP, CISSP, CISA, CEH, Security+
4+ years of experience in working in information security in an enterprise environment
Significant experience in Information Security disciplines and tools including incident management and engineering of security platforms (Firewalls, IDS, AV and Malware solutions, vulnerability management)
Experience in managing and operating vulnerability/patch management processes and tools.
Experience in administrating and managing enterprise-wide data loss prevention on premise and on cloud.
Physical Demands and Work Environment:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the functions.
The employee will be sitting in a typical office environment the majority of the time and may be exposed to outdoor weather conditions.
The employee is frequently required to sit, use hands or fingers, handle or feel objects, tools, or controls and reach with hands and arms. The employee is regularly required to talk or hear. The employee is occasionally required to stand, walk, and lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus.
This position is on-site and requires the ability to work extended hours and/or weekends.
The Forty Niners Stadium Management Company is an equal opportunity employer. We encourage all qualified candidates to apply regardless of race, ethnicity, nationality, religion, sex, gender identity, sexual orientation or able-status.