Senior Cybersecurity Engineer
USG · Chicago, IL · 1 wk ago
HybridInformation TechnologyFull-time
About the role
We are seeking a Senior Cybersecurity Engineer to lead advanced cybersecurity operations. This role is crucial for incident response, cyber recovery, and forensic investigation.
Responsibilities
- Design, implement, and maintain secure clean and recovery room environments to support malware-free recovery of critical systems.
- Conduct comprehensive root cause analysis on security incidents, ensuring lessons learned are integrated into our cybersecurity posture.
- Provide expert consultation to internal teams on best practices for hardening systems, networks, and applications against threats.
- Use strong analytical skills to identify patterns, trends, and anomalies in intricate data sets related to security incidents.
- Identify and implement cybersecurity improvements in the design and/or infrastructure of existing systems.
- Perform technical cyber security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident.
- Ability to respond to multiple incidents at the same time or large-scale incidents.
- Work in an environment containing a mix of on-premises and cloud solutions.
- Competency and understanding in Continuous Integration (CI)/Continuous Deployment (CD) pipeline.
- Ability to apply the MITRE ATT&CK and Killchain frameworks to security operations.
- Collaborate with other departments, ensuring cybersecurity considerations are integrated into all aspects of the business.
- Stay updated with the latest cybersecurity trends, threats, and best practices to ensure the company's defenses are always one step ahead.
- Mentor junior cybersecurity team members, fostering a culture of continuous learning and improvement.
- Assists with deployment and ongoing operational support of cybersecurity products and processes, including Identity and Access Management tools, Data Loss Prevention (DLP) and Data Classification products, Intrusion Detection, Incident Response, Vulnerability & Threat Management as well as other cybersecurity technologies.
- Deploy, configure, and maintain OT security monitoring platforms (e.g., Cisco Cyber Vision, Nozomi Networks, Claroty, Dragos).
- Develops, socializes, and implements product lifecycle roadmaps for supported cybersecurity technologies.
- Acts as the key vendor contact and participates in managing vendor relationships, partnerships, and expectations.
Requirements
- Hands-on experience with: Clean room or isolated recovery environments, Ransomware recovery and cyber resilience programs, Forensic analysis across endpoints, network, and/or cloud.
- Strong track record in Incident Handling and Response, including leading the response to cyber security incidents, including presenting root cause analysis to executive level.
- Technical expertise and depth in two or more of the following areas: Detection creation, threat hunting, cloud security, OT Security, programming/automation, penetration testing.
- Experience with SIEM log analysis.
- Experience documenting and automating repetitive tasks and playbooks.
- Creates and executes plans for cybersecurity projects which include timelines, resolving problems on scheduling, controlling projects, ensuring deadlines are met.
- Understands business needs and provides innovative technical cybersecurity solutions to business opportunities.
- Leads second level technical support efforts, as needed for supported cybersecurity products, processes and services.
- May be required to provide 24-hour on call support.
- Self-driven and able to work without direct supervision.
- Analyzes patterns and trends and recommends/implements innovative solutions within IT and with applicable cybersecurity vendors.
- Trains and mentors new and/or less experienced team members in areas of expertise.
Preferred
- Familiarity with OT/ICS or critical infrastructure recovery scenarios.
- Familiarity with OT security monitoring platforms (e.g., Cisco Cyber Vision, Nozomi Networks, Claroty, Dragos).
- Experience in an information security group in a manufacturing industry.
- Information Security industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP).
Qualifications
- Bachelor's degree in Computer Science or related field.
- A minimum of 7 years of technical experience across one or more given areas with a minimum of 5 years direct hands-on experience with relevant cybersecurity technologies.
Benefits
- Two medical insurance options, as well as vision and dental coverage.
- 401(k) Investment Plan with company match and a pension plan.
- Paid time off and paid holidays.
- Quarterly (hourly) / Annual (salary) bonus potential for all employees based on performance metrics tied to safety, quality, and productivity.