IT Security Engineer

About JSSI For more than 35 years, Jet Support Services, Inc. (JSSI) has been the leading independent provider of maintenance support, advisory services, software, and financial tools to the business aviation industry. With 6,000+ aircraft supported by maintenance programs and software platforms, JSSI leverages this wealth of data, scale, and innovation to drive cost savings and provide custom solutions that align to the interests of each client, regardless of make or model. Learn more at jetsupport.com.JSSI products and services include:Maintenance Programs. Hourly Cost Maintenance Programs to stabilize maintenance budgets, maximize aircraft availability and enhance residual value.Parts & Leasing. Experienced product line specialized team who leverages our All-OEM inventory and global vendor relationships and go beyond parts sourcing to find optimal customer solutions.Software: Traxxall and Conklin & de Decker. Powerful data platforms to help you make more informed decisions, from choosing the right aircraft to tracking your maintenance, inventory, and MRO projects.Advisory Services. Objective insights and independent technical advice from a global team of technical advisors and ASA-accredited appraisers for virtually any business jet, turboprop or helicopter.Aviation Capital. Customized asset-based finance solutions for business aviation.
Position Summary:
The IT Security Engineer is responsible for the ongoing execution of all cybersecurity operational procedures and tasks designed to prevent, identify, remediate, and report on potential security incidents.  He or she will continually assess the organization's security posture relative to the evolving cyber threat landscape and design, implement, and maintain security measures to protect its employees and assets.  

Duties and Responsibilities:

• Monitor ticket queues, security telemetry, and threat feeds to identify and remediate potential security incidents and mitigate risk to the business 
• Prioritize and oversee the remediation of vulnerability, pentest, and security assessment findings 
• Configure and maintain security devices, systems, and tooling according to best practices. 
• Routinely assess network and cloud security posture against best practices 
• Investigate and respond to email phishing alert reports and quarantine release requests 
• Take ownership of and enhance JSSI's Security Awareness Training program 
• Lead a portfolio of cyber security initiatives and projects to continually improve the organizations security posture and program maturity 
• Establish and report on key security metrics 
• Document and improve upon operational procedures with an eye towards efficiency 
• Contribute to incident response planning, security policies, disaster recovery, and business continuity planning 
• Respond to information security audit requests and client due diligence security questionnaires 
• Collaborate with other IT professionals to advise on cyber security best practices 
• Participate in after-hours on-call rotation and respond to critical security alerts after-hours 
• Perform other duties as assigned 

Desired Credentials:

• 5 years' experience in Information Technology roles 
• 3 years' working as a SOC analyst or similar experience 
• Bachelor's degree in Computer Science, Information Security, or a related field 
• Cybersecurity certifications such as CISSP, CISM, or CEH highly valued 
• Excellent written and verbal communication skills 
• Detail orientation and strong analytical problem-solving abilities 
• Ability to effectively prioritize tasks and project in a fast-paced environment 
• In-depth knowledge of networking protocols and experience configuring network security devices such as firewalls and IDS/IPS 
• Experience with EDR and XDR services 
• Experience with the Microsoft Defender Security suite strongly preferred 
• Scripting/query language experience such as Bash, PowerShell, KQL 
• Hands-on experience setting up and querying SIEM tools such as Sumo Logic 
• Knowledge of data privacy and compliance regulations as well as cybersecurity frameworks such as ISO 27001 and NIST 

JSSI is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or other characteristic protected by law.
JSSI does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job postings. No fee will be paid to third parties who submit unsolicited candidates directly to our hiring managers or Recruiting Team.