Cyber Security Engineer
About this position
Global Ordnance is a premier defense solutions provider delivering mission-ready products and logistics support to the US Military and partner nations worldwide. With deep expertise in international procurement, compliance, and end-to-end supply chain management, Global Ordnance specializes in sourcing and delivering high-quality defense systems, munitions, and specialized equipment with speed, precision, and integrity. Our highly talented, agile and hardworking team understands the complexities of US and allied defense contracting, helping GO grow to one of the region's largest defense contractors and one of Tampa Bay's fastest-growing companies year over year. As we continue our growth, we are seeking professionals to join our team. We offer highly competitive total compensation packages including company-paid (100%) medical and dental insurance for our employees and their families, competitive salaries, bonus programs, retirement plans, and much more.
Job Summary
This critical position is for a highly skilled and experienced Cybersecurity Engineer who will play a key role in protecting the organization's sensitive data and systems. The ideal candidate is a proactive and detail-oriented professional with a deep understanding of cybersecurity best practices, compliance frameworks, and cutting-edge security technologies. This role requires a broad range of technical skills, including expertise in data loss prevention (DLP), SharePoint administration across multiple tenants in compliance with all regulations, cloud security (specifically within Microsoft 365 environments, including GCC High), data tagging and migration, and vulnerability management.
Essential Duties and Responsibilities
- Cybersecurity Policy Implementation and Maintenance:
- Develop, implement, and maintain cybersecurity policies, procedures, and standards in accordance with industry best practices and regulatory requirements (e.g., NIST 800-171 Rev 3, ISO 27001, GDPR, UK Cyber Essentials, etc.).
- Ensure compliance with relevant regulations and frameworks.
- Conduct regular reviews and updates of security policies.
- Data Loss Prevention (DLP):
- Design, implement, and manage DLP solutions to protect sensitive data.
- Monitor DLP alerts and investigate potential data breaches.
- Fine-tune DLP policies to minimize false positives and maximize effectiveness.
- SharePoint Administration (Multi-Tenant):
- Administer and maintain SharePoint environments across three tenants.
- Manage user access, permissions, and security settings.
- Implement and enforce security policies within SharePoint.
- Troubleshoot SharePoint related security issues.
- GCC High Tenant Implementation:
- Assist in the planning, implementation, and configuration of a new GCC High tenant.
- Ensure security best practices are followed during the migration process.
- Collaborate with other teams to integrate GCC High with existing systems.
- Data Tagging and Migration:
- Implement data tagging strategies to classify and categorize sensitive information in alignment with both best practices and compliance programs.
- Plan and execute data migration projects, ensuring data integrity and security.
- Automate data tagging and migration processes where possible.
- Automate process and workflows for secure sharing with only vetted and approved users.
- Vulnerability Management:
- Monitor security alerts and vulnerability scans.
- Analyze vulnerability reports and prioritize remediation efforts.
- Implement timely patches and fixes to address identified weaknesses.
- Track and report on vulnerability remediation progress.
- Respond to security incidents and breaches.
- Collaboration and Communication:
- Collaborate with other IT teams and business units to ensure security is integrated into all aspects of the organization.
- Communicate effectively with technical and non-technical stakeholders.
- Provide regular updates on security status and initiatives.
Qualifications and Requirements
- Required Qualifications:
- Candidates must meet Authorized US Persons criteria under ITAR – candidates must be either US Citizen, Lawful Permanent Resident, or other certain protected authorized asylees. Additionally, qualified candidates may not be otherwise disbarred from having access to ITAR controlled information.
- A current US Government Secret Clearance (or higher) is required.
- A Bachelor's degree in Computer Science, Cybersecurity, or a related field is required.
- Proven experience in cybersecurity engineering, preferably in a regulated industry.
- A strong understanding of cybersecurity frameworks and regulations (e.g., NIST, ISO 27001, HIPAA, etc.) and GRC tools.
- Expertise in data loss prevention (DLP) technologies.
- Extensive experience in SharePoint administration, including multi-tenant environments.
- Hands-on experience with Microsoft 365 security features.
- Experience with GCC High implementation and management is highly desirable.
- Knowledge of data tagging and classification techniques.
- Relevant degrees, skilled trades certifications or licenses preferred.
- 1 to 3 years of relevant experience.
- Experience with DoD acquisition process, and DoD contracting requirements preferred.
- Demonstrated ability to build and maintain relationships with government officials, defense organizations, and industry stakeholders.
- Excellent communication, negotiation, and presentation skills.
- A self-starter with strong analytical and problem-solving skills.
- The ability to work independently and as part of a team in a fast-paced and dynamic environment.
- Willingness to travel domestically.
- ISO 9001:2015 training preferred.
- Proficient in the use of Microsoft Office suite (Word, Excel, Outlook, PowerPoint, and Project).
- Preferred Qualifications:
- Relevant certifications (e.g., CISSP, CISM, Security+).
- Experience with scripting languages (e.g., PowerShell, Python).
- Knowledge of cloud security best practices.
- Experience with security information and event management (SIEM) systems.
Physical Demands and Abilities
Ability to walk, stand, use computers, lift or exert upwards of 25lbs occasionally, 10lbs frequently. Regularly spend long hours sitting and using office equipment and computers. Regularly move from sitting to standing positions effortlessly. Occasional travel.