Engineer - Cybersecurity
Work Perks
- Flight benefits for you and your family to fly on Frontier Airlines
- Buddy passes for your friends so they can experience what makes us so great
- Discounts throughout the travel industry on hotels, car rentals, cruises and vacation packages
- Discounts on cell phone plans, movie tickets, restaurants, luggage and over 2,000 other vendors
- ‘Dress for your Day’ business casual environment
- Flexible work schedules that support work/life balance
- Total Rewards program including a competitive base salary, short term incentives, long-term incentives, paid holidays, 401(k) plan, vacation/sick time and medical/dental/vision insurance
Who We Are
Frontier Airlines is a leading ultra-low cost carrier headquartered in Denver, Colorado. With a mission to deliver Low Fares Done Right, the company provides affordable, convenient and accessible air travel throughout the U.S., Caribbean, Mexico and Latin America. Frontier’s highly fuel-efficient, all-Airbus fleet is among the youngest and most modern of any carrier within the U.S. That, combined with the airline’s many weight-saving initiatives and focus on operational efficiencies, makes Frontier America’s Greenest Airline.
The HOPE League, Frontier Airlines’ non-profit organization, is dedicated to providing employees financial assistance during catastrophic hardship.
What Will You Be Doing?
The Cybersecurity Engineer will be part of a Cybersecurity team that assesses, designs, implements, troubleshoots, and supports the cybersecurity posture of Frontier’s network infrastructure. The Cybersecurity Engineer will report to the Manager of Cybersecurity Architecture & Engineering, enabling cybersecurity design and implementation efforts to protect Frontier’s network and systems against cyber-attacks and data breaches.
- Research, design, and deploy resilient, reliable, and scalable security controls for IT/business projects.
- Provide technical leadership in designing, implementing, testing, and rolling out of cybersecurity solutions and/or cyber controls in IT/Business projects.
- Collaborate with the IT team to deliver a secure, resilient, and reliable infrastructure environment.
- Participate in and contribute to identification of cybersecurity tools and systems, business continuity planning, and disaster recovery efforts.
- Support cybersecurity service management request queue (incidents/service requests).
- Support and contribute to change control and change approval board functions.
- Execute and improve core functions of incident response including threat detection/prevention, detection engineering, incident response, security monitoring, and digital forensics.
- Assess vulnerabilities and threats to the network, evaluate available security processes and technologies and make recommendations to management and business partners.
- Support cybersecurity incident response efforts, handling escalations with Cybersecurity Operations and managed service providers.
- Research latest security threats, cybersecurity standards/frameworks, and vulnerabilities to assess the organizations threat landscape.
- Provide regular status updates to leadership on ongoing projects, maintenance, and systems support.
- Aid in efforts to maintain compliance with PCI-DSS, TSA, SOX, and other external/internal compliance requirements.
- Provide cybersecurity expertise in evaluation of 3rd party vendor risk management reviews.
- Participate in "on-call" rotations requiring night and weekend availability as scheduled, provide additional availability 24/7, when necessary.
Qualifications
- Bachelor’s degree in computer science, technology, or equivalent combination of education and relevant experience (required).
- 6+ years cybersecurity operations and/or engineering experience required.
- 4+ years in security engineering with hands-on experience with enterprise cybersecurity product type: EDR (SentinelOne, Crowdstrike, or Cylance) (required).
- 4+ years in security engineering with hands-on experience with enterprise cybersecurity product type: Secure Email Gateway (Mimecast, Proofpoint, or Office365 Exchange) (required).
- 4+ years in security engineering with hands-on experience with enterprise cybersecurity product type: Vulnerability Management (Nessus, Qualys, or Rapid7) (required).
- 4+ years in security engineering with hands-on experience with enterprise cybersecurity product type: (SIEM (Splunk, Rapid7, or LogRhythm) (required).
- 3+ years of enterprise firewall administration or auditing experience (required).
- Industry cybersecurity certification: CompTIA: Security+ or Pentest+, CEH, CISSP, OCSP, SANS: GCIH or GSEC, CISSP, ISACA: CISA or CISM, Security+, SSCP, or CCNA (required, or willing to attain within 3 months of start date).
- Hands-on Cloud cybersecurity design and implementation (Azure/AWS) (required)
- Design and implementation of security controls including experience in applying security framework methodologies; to include NIST, Cloud (CSA), wired, and wireless security principles (required)
- Experience with Wireshark and NMAP (required)
- Experience with URL Filtering/Web Proxy management and troubleshooting (required)
- PCI-DSS or other security compliance environment experience (highly desirable)
- Knowledge, Skills And Abilities: Proficient in troubleshooting network/system related issues and effectively manage components in a production environment.
- Strong understanding of attack vectors, common intrusion techniques, threat intelligence, application/host/network security hardening, micro-segmentation, network access control, networking protocols, and enterprise risk management concepts.
- Ability to troubleshoot security, networking, client server, Wi-Fi, and VPN issues.
- Ability to maintain an understanding of industry trends and stay abreast of current vulnerabilities and security concerns, understanding their impact on the organization.
- Expert knowledge of enterprise firewall management and deployment.
- Broad and thorough knowledge of enterprise security systems and devices.
- Proficient in deploying and managing complex Cloud infrastructures (Azure/AWS).
- Knowledgeable in penetration testing and vulnerability assessments and remediation.
- Proficient in network traffic and packet analysis.
- Demonstrable experience working with configuration management/automation tools.
- Ability to remain organized and to elicit cooperation from a wide variety of internal team members and 3rd party providers.
- Work calmly and methodically under pressure and against tight deadlines.
- Able to accurately estimate level of effort and deliver projects within scheduled commitments.
- Ability to quickly learn new systems, devices, and methodologies.
- Excellent written and verbal communication skills, including the ability to write detailed technical documents.
- Willing to work more than 40 hours and some weekends.
- Willing to do On-Call rotation for afterhours and weekend support.
- Communicates clearly and effectively.
- Manages time efficiently and multi-tasks effectively.
- Exceptional customer service skills.