- Entry level
- No Education
- Salary to negotiate
- Greenwood Village
Client Reference Code: 250100
Responsible for leading the engineering activities that evaluate cyber security risk and potential security threats to the company's ISP, Video, Voice, software and cloud systems. This position will work closely with network engineering, video engineering, product groups and technical operations staff performing cyber security risk assessment and management of existing and new business technologies and tools improve security operations, risk management processes and as security threats and vulnerabilities are detected and coordinate the response to mitigate and remediate the threat to Charter's network. Assessor will be a part of a team that conduct's the threat management and risk assessment processes for network security operations and communicate to executive leadership.
DUTIES AND RESPONSIBILITIES:
- Recommend and implement processes and controls through risk assessment that establish appropriate governance structures for managing risk according NIST and other frameworks.
- Advise and provide consulting on security counter-measures.
- Implement, maintain and monitor threat intelligence data from various resources that is relevant to Charter's networks and systems.
- Actively advises on and evaluates the impact of cyber threats.
- Recommend design security processes and solutions used by Network Security Operations.
- Develop security requirements for new projects and perform the security risk assessments prior to going into production.
- Perform and coordinate engagements with 3rd party service providers to perform ongoing security testing on critical assets.
- Ensure compliance with security standards, policies and procedures.
- Adhere to industry specific local, state, and federal regulations, as applicable.
- Bachelor's Degree in Computer Science, Information Security or related field and/or related work experience
- Minimum of Eight (8) years of IT/Network Engineering experience
- Minimum of Eight (8) years of Cyber Security experience
- Ability to read, write and speak the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straight-forward, and professional manner.
- Proficient knowledge of network and system security vulnerabilities and exploits. Must understand what is required to prevent security exploits, how to detect security attacks and anomalies and how to respond to security incidents and intrusions.
- Knowledge of related industry specifications and standards NIST, CSRIC, Firewalls, Intrusion Detection and Prevention, DNS, Routing, Ethernet and Transport technologies and protocols.
- Experience with network security design, network security architecture, TCP/IP protocols and topology.
- Related experience in conducting risk assessments across the organization, mission and business processes.
- Proficient knowledge in cloud based applications, platforms and services security.
- Must be a problem solver, able to balance competing priorities, have a strong process orientation and be able to manage through complexity and rapid change.
- Understanding of ownership of a project/program and the ability to execute on that with accountability.
- Exhibit leadership skills working with cross-functional teams.
- Subject Matter Expert (SME) with cybersecurity solutions and critical controls as you will be expected to consult and perform assessments against these items and architecture.
- Have information security experience in a variety of industries and company types to show a depth and breadth of security acumen.
- Excellent verbal communication and written composition skills with experience and confidence providing reports and consultation to internal clients and executive level staff.
- A keen ability to discuss, consult on, and drive solutions around the Common Body of Knowledge (CBK) which is a comprehensive compilation of all the relevant subjects a security professional should be familiar with.
- Current security certifications, such as CISSP, ISACA, and SANS GIAC. Firewall, Intrusion Detection Systems, and/or other security technologies engineering
- Information Security Risk Management
- Cyber-security Consulting
- Office Environment
- May require some weekends and evening shift work
- Minimal Travel Required
Job Code : ESE601 Principal Security Engineer I Exempt