Senior Cyber Security OKTA Engineer

Research, implement and manage tools used for proactive monitoring of security threats. Manage incident response, conduct internal reviews on a periodic basis to measure compliance with policy and assist in external audits and assessments.  Develop culture of security and conduct ongoing security awareness program. Assist in establishing company information security program.  Active participation in all projects for security requirements to ensure that all projects incorporate security requirements.   Ensures that technology risks are identified and managed according to the risk culture of the enterprise and advises management about risks to the business due to the implementation of technology used to operate the business. S/he will also perform compliance activities to ensure the successful implementation of the program and consult with technical and business teams regarding their changing business and technical plans to ensure that information security issues are addressed early in a project's lifecycle. 

• Configure and install security infrastructure including but not limited to firewalls, VPN, IDS/IPS, Anti-Malware and web/mail Filtering solutions.
• Investigate intrusion incidents, conduct forensic investigations, and mount incident responses.
• Implement and upgrade security measures and controls.
• Perform vulnerability testing, risk analyses and security assessments.
• Recommend and install appropriate tools and countermeasures.
• Create new ways to solve existing production security issues.
• Collaborate with colleagues on authentication, authorization, and encryption solutions.
• Evaluate new technologies and processes that enhance security capabilities.
• Participate in evaluating new hardware and software technologies and provide an assessment of the risks/vulnerabilities and recommend mitigation strategies. 
• Test security solutions using industry standard analysis criteria.
• Implement strategies to improve the reliability and security of IT projects.
• Defend systems against unauthorized access, modification and/or destruction.
• Development and maintenance of the Company information security program, including policies, standards and guidelines to protect information against unauthorized modification or loss.
• Act as a liaison on security matters between Internal Audit and IT, reviewing all audit reports and responses to ensure timeliness and effectiveness of corrective actions. 
• Contribute to the evolution of the risk analysis and IT workflow processes.
• Provide management with regularly scheduled "State of the Information Security Program" reports. 
• Advise management of changes in the technical, legal and regulatory arenas affecting information security and computer crime. 
• Develop and foster relationships with both business and technology customers and maintain strong relationships with technical teams. 
• Develop Security requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), firewalls, web/mail filters, SIEM, IDS/IPS and related network security infrastructure.
• Investigate intrusion incidents, conduct forensic investigations, and mount incident responses.
• Create and execute strategies to improve the reliability and security of IT projects.
• Plan the implementation of new security measures and controls.
• Define, implement, and maintain corporate security policies and procedures.
• Analyze and advise on new security technologies and program conformance.
• Development and maintenance of the Company information security program, including policies, standards, and guidelines to protect information against unauthorized modification or loss.
• Development of incident handling framework and consults with management in times of an information security crisis to ensure that the crisis is managed properly both internally and externally.
• Serve as a member of the technical advisory committee to evaluate new technology resources for program compliance. 
• Responsible for security project resource planning, justification, and acquisition, including the recruitment, hiring and development of human resources as needed. 
• Oversee security awareness programs and educational efforts.
• Mentors less senior Cyber Security Engineers. 

EDUCATION 

• Bachelor’s degree in computer science or related field required. 
• Combinations of relevant education and experience may be considered in lieu of a degree.
• Continuous learning, as defined by the Company’s learning philosophy, is required. 
• Certification or progress toward certification is highly preferred and encouraged.

EXPERIENCE

• 10 years of progressively more responsible experience in an IT, information security, multiple computing environments, information security applications, or related environment with demonstrated technical knowledge which provides the necessary skills, knowledge, and abilities.
• OKTA experience preferred.
• Certifications in GIAC, CISSP, SSCP, CISM, CEH, CISA, or Security+ preferred.

QUALIFICATIONS 

• Ability to research security utilizing various resources.
• Thorough knowledge of the Internet as an information resource and related networking and security technologies.
• Thorough knowledge of OSI layers 1-4
• Advanced knowledge and experience with Palo Alto Next-Generation Firewalls
• Hands on experience in multiple security areas such as: Intrusion Detection Prevention, Enterprise Anti-Virus, Identity and Access Management, Threat Management and Vulnerability Management.
• Excellent oral and written communication skills.
• Ability to effectively present budgetary and/or cost information and respond to questions as appropriate.
• Ability to establish work flows, manages multiple projects, and meet necessary deadlines.
• Works with minimum supervision and exercises sufficient discretion and independent judgment.
• Demonstrated leadership abilities.
• Ability to effectively exchange information clearly and concisely, and present ideas, reports facts and other information, and respond to questions as appropriate.
• Ability to prepare necessary reports, spreadsheet development and cost analysis.
• Ability to maintain confidentiality.
• Ability to work varying hours, including evenings, weekends and holidays as required.
• Ability to perform other assignments at locations outside the office.
• Ability and proficiency in the use of computers and company standard software specific to position.

WORKING CONDITIONS:  

Work is performed in an office setting with no unusual hazards.  Frequent travel is required with some overnight stays. 

PAY RANGE:  

Actual compensation decision relies on the consideration of internal equity, candidate’s skills and professional experience, geographic location, market and other potential factors. It is not standard practice for an offer to be at or near the top of the range, and therefore a reasonable estimate for this role is between $80,900 and $211,900.

#AF-AD1