Cyber Security Engineer II

Why were different:

ITRCCs efficiency relies on our team members; at the ITRCC you wont just be part of a company, you will be part of a family who respects their members and strives to cultivate sustainability. We are actively involved in the community, care for the wellbeing of our team members and understand the importance of work/life balance.

Summary:

The incumbent is responsible for safeguarding the organizations information systems by monitoring, analyzing, and remediating security events. The incumbent also supports the implementation and maintenance of cybersecurity strategies and tools.

Relationships:

Internal Directly report to the Head of Cyber Security. Direct interactions to work with and support the internal IT team. Direct interaction with employees from various departments, including supervisors and managers. Direct interaction with security vendors and regulatory entities.

Responsibilities:

General:

o Performs all tasks safely, complies with all internal and external safety requirements, supports ITRCCs safety culture, attends all safety training, and completes all compliance trainings as required by ITRCC.

o Upholds ITRCCs core values:

Community, Actions, Reliability, Excellence and Safety (CARES). Level 1(including General):o Monitor and analyze events from security tools (e.g., SIEM, IDS/IPS, EDR) to detect and respond to cybersecurity threats.o Assist in conducting vulnerability scans, analyzing results, and supporting remediation efforts.o Configure and manage basic settings of security tools, such as antivirus software and endpoint protection systems.o Conduct initial security awareness training and support ongoing educational efforts for employees.o Participate in incident investigations by collecting and analyzing data.o Collaborate with cross-functional teams to address security concerns and support secure system configurations.o All other duties as assigned. Level 2 (including level 1):o Collaborate with internal and external stakeholders, such as auditors and regulatory bodies, to ensure compliance with relevant security requirements, standards, and regulations.o Collaborate with cross-functional teams to design and implement secure network architectures, systems, and applications. o Configure and manage security tools such as intrusion detection/prevention systems, antivirus software, and endpoint protection solutions. Level 3 (including level 2):o Serves as an industry leader in Cyber Security with at Least three relevant certifications.o Manage and oversee contracts and identifies performance issues and resolve such performance issues.o Design and implement network systems, identify KPIs and develop plans to monitor the network.o Manages PCI or NIST compliance with audits and achieves requires compliance and certifications.o •Tier changes can happen if the employee meets the qualifications during the next review period.

Qualifications:

Foundational knowledge of cybersecurity principles and tools Basic experience in monitoring and responding to security events Exposure to network troubleshooting and operating systems administration Basic proficiency with security tools like SIEM and endpoint protection systems Fundamental understanding of networking concepts (IP addressing, protocols like TCP/IP, and basic firewall rules) Familiarity with operating systems (Windows, macOS, Linux). Strong analytical and problem-solving skills

Desirable Experience:

Level 1: 1-2 years of relevant work experience Level 2: 3-9 years of relevant work experience Level 3: 10+ years of relevant work experience

Working Conditions:

This position requires: (Frequent est. 5 hrs. per shift) Frequent sitting, walking and standing Occasional talking and hearing Light physical effort Heavy computer usage Minimum 3 days in office or designated field office per week