Cyber Security Engineer IV chez Communications & Power Industries

The Cyber Security Engineer is responsible for protecting and supporting the CPI Enterprise from all cyber threats with current and future infrastructure/services. This includes email, O365, internet security both on and off network, web proxies, secure external access services, endpoint protection, and restrictive ingress/egress policies. The Cyber Security Engineer will also be the Subject Matter Expert (SME) for security automation, DevSecOps, Linux security, application control, 3^rd party SOC integration, and other zero trust security architecture solutions.  The successful candidate will deliver and support a secure user experience that protects and enables the business while making it better, faster, stronger.

You must be a U.S. Citizen in order to be considered.

YOU WILL BE ACCOUNTABLE FOR:

• Operational support of the Enterprise Environment
• Monitor and analyze security alerts from various monitoring tools, including SIEM solutions
• Ticket resolution/reduction
• Identifying, investigating, and mitigating security incidents
• Conduct vulnerability assessments and remediations
• Endpoint security stack, Proxy, Email, and application control
• Security automation including programing in Python, PHP & Powershell
• Development of DevSecOps processes and procedures, including management of supporting security solutions
• Linux security and system administration
• Cloud access security
• Development and implementation of security awareness training initiatives for employees
• Tool reduction/optimization
• Integrates/interfaces with Governance, Risk, and Compliance initiatives including CMMC, BCP, DRP
• Responsible for the administration and support of network-centric service applications and technologies to support the operational and security stance of the Enterprise.
• Maintains third-party vendor relationships including tracking trouble tickets, code updates, and bug fixes.
• Supports Enterprise IT and Business objectives, to provide secure standardized solutions to company initiatives and goals.
• Able to travel 5-15% both domestically and to Canada.
• Other duties as assigned.

YOU ARE THE RIGHT PERSON FOR THIS JOB IF YOU HAVE:

• US Citizen
• 5+ years of experience in Security infrastructure
• Experience securing non-Windows systems
• Experience creating and maintaining a secure software development process/environment
• Understanding of Zero Trust Security Architecture principles
• Understanding of network security, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection
• Experience troubleshooting implicit and explicit proxies, Host Based Firewall (HBFW) policies, and endpoint security stack
• SOC/IRT experience or security analysis skills
• Knowledge of SOC integrations and ability to react to a wide range of cyber security challenges
• Experience with cloud security concepts (AWS, Azure, Google Cloud)
• Proficiency in Windows and Linux environments
• Ability to improve security processes and tasks through automation
• Ability to work with local contacts (including non-IT)
• Team player who thrives in collaborative environments and is committed to team success
• Effective working in a remote environment within a distributed organization
• Self-starter with excellent organizational and time management skills
• Strong familiarity with NIST SP 800-171
• Familiarity with software development and SBOM compliance under EO 14028 per NIST SP 800-218 - Secure Software Development Framework (SSDF) and NIST Software Supply Chain Security Guidance
• Familiarity with application code security controls, for example, SAST (Static Application Security Testing), SCA (Software Composition Analysis), and DAST (Dynamic Application Security Testing)
• Familiarity with application code security standards including OWASP Application Security Verification Standard (ASVS), ISO 27034, CIS Control 16 – Application Software Security

Preferred Skills and Qualifications

• Experience implementing and administering of vendor-agnostic technologies such as application control engines, next-generation firewalls, monitoring, automation, and 802.1x/network access control (NAC)
• Documented experience scripting common repetitive tasks, and leveraging APIs from various vendors to automate inter-vendor actions
• Programming/scripting proficiency
• Experience migrating on-prem data center workloads to public clouds, and the associated methodologies (lift and shift, refactor, etc.)
• Familiarity with all layers of the TCP/IP stack
• Experience with mergers, acquisitions, divestitures & integrations
• Experience working in a large enterprise environment

Shaping the future through innovation and discovery!

 With a history spanning more than seven decades, Communications & Power Industries’ thousands of products have impacted people’s lives in numerous unseen ways every day. Our highly engineered products serve as the backbone of modern-day commercial and military communications systems, assist in diagnosing medical conditions, empower scientific discoveries and space exploration, and much more.

CPI is headquartered in Plano, Texas and is a global manufacturer of electronic components and subsystems. We have manufacturing locations in the United States, Canada, Europe, and Asia. With a heritage of technological excellence, our team serves customers in the communications, defense, medical, industrial, and scientific markets.

WHAT WE OFFER:

Whether you are a seasoned professional or just embarking on your career, CPI is an ideal place to expand your knowledge and expertise. We cultivate a healthy, dynamic, and team-oriented environment that empowers our employees to develop, create and deliver innovative, reliable technology solutions to power, connect, protect, and support a better tomorrow.

We offer our employees an attractive compensation package with competitive salaries and comprehensive benefits, including health and wellness programs, career development, generous retirement savings plan with company match and more!

WHO WE ARE:

We value the unique and diverse skills, qualities, and backgrounds that each employee brings to CPI, and we respect each employee as an integral member of our growing team. CPI is committed to providing equal employment opportunities for all current and prospective employees, as well as to promoting a culture of inclusion and respect for everyone. We celebrate the innovation that diversity creates in the work environment, and we recognize that each employee brings their own unique capabilities, experiences, and perspectives to the organization. It is this variety that adds value to our teams, as well as to our stakeholders. We welcome and encourage applicants to reach their full potential with us.

CPI is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability or other applicable legally protected characteristics. 

#LI-KC1