MODEC Houston

The Cybersecurity Engineer plays an integral role in defining and assessing the organization's security strategy, operations and practices. The Cybersecurity Engineer will assume responsibilities for multiple security functions. The Cybersecurity Engineer will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services. The Cybersecurity Engineer will be required to develop, execute and track the performance of security measures to protect information, network infrastructure and computer systems. The Cybersecurity Engineer will lead and mentor staff and ensure they are following Cybersecurity best practices and industry standards.

DUTIES AND RESPONSIBILITIES:

  • Deploy and manage security infrastructure such as but not limited to firewalls, CASB, IPSs, WAFs, endpoint protection (DLP & EDR), MFA, SIEM, and vulnerability management tools on premise and cloud.
  • Support and implement baseline security configuration standards for IT/ICS/OT/IoT, cloud, operating systems, networking, encryption, data security, data classification, and identity and access management (IAM) assuring architectures meet security best practices that reduce risk and enhance security.
  • Participate in security assessments of internal systems, applications and IT infrastructure; managing these systems in a security information and event management system as part of the overall risk management practice of the organization.
  • Provide timely reporting of security related systems and events to various levels of management on a regular basis
  • Work with internal teams (Compliance, Legal, HR, etc.) to understand their security requirements and incorporate into the overall Strategy and execution plans.
  • Maintain, manage, and monitor cybersecurity training program.

QUALIFICATIONS & EXPERIENCE:

  • Bachelor’s degree in Computer Science, Information Systems or Cybersecurity
  • A minimum of 7 years or more experience in a security related field with direct responsibility to manage security one or more of the following:
  • Direct, hands-on experience deploying & managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection (DLP & EDR), SIEM, and vulnerability management tools on premise and cloud
  • Documented experience and a strong working knowledge of the methodologies required to conduct threat-modeling exercises on new technologies and services
  • Working knowledge of cybersecurity training and operations
  • Working knowledge of OT cybersecurity
  • Knowledge the secure deployment of workloads into public cloud services (e.g., AWS or Microsoft Azure)
  • Industry and Regulatory Experience (One of more of the following):
  • Sarbanes-Oxley Act, and Japanese the variant
  • General Data Protection Regulation (GDPR)
  • Privacy Principles (best practices)
  • International Organization for Standardization (ISO) 27001/2
  • National Institute of Standards and Technology (NIST)
  • Cybersecurity Framework (CSF)
  • IT Service Management (ITIL)

Certification(s) Preferred:

  • ISC2's CISSP
  • ISACA's CISM
  • ISACA's CISA
  • The Open Group's TOGAF
  • SANS' GAIC
  • IAPP's CIPT

Key Behaviors:

  • Strong analytical skills
  • Excellent interpersonal and communication skills
  • Strong teamwork and collaboration skills
  • Adaptability in being able to adjust to changing priorities

MODEC America, Inc. is an Equal Opportunity Employer.