Job Information
SCI Shared Resources, LLC Cybersecurity Engineer in Houston, Texas
Our associates celebrate lives. We celebrate our associates.
Consider the possibilities of joining a Great Place to Work!
The Cyber Security Engineer assesses, designs, builds and maintains systems ensuring the confidentiality, integrity, and availability of organizational systems and data. As a technical security expert, drive continuous improvement. This role’s primary responsibilities are in the areas of Exposure Management, Automation, Orchestration, and Integration.
JOB RESPONSIBILITIES
Security Operations
Analyze security systems and capabilities, seeking to continually improve.
By way of expert understanding and use of security solutions, support Incident Response.
Develop integrations between hardware and software solutions to provide security outcomes by leveraging orchestration, automation, and correlation.
Analyze emerging security threats, and identifies gaps in existing tooling and capabilities. Makes necessary changes to address identified gaps.
Contribute to the development and improvement of best practices and security standards for the organization.
Translate technology and environmental conditions (e.g. law and regulation) into system and security designs and requirements.
As required, create security documentation, and other written work products to ensure important information is captured, shared, and retained.
Implement and Manage Security Solutions
Identify, assess and recommend risk-appropriate security solutions to provide for the confidentiality, integrity, and availability of organizational systems and data.
In partnership with IT and Security Architecture, plan, research, design, and implement robust security solutions. Test solutions to ensure they achieve the expected outcome.
Develop and maintain documentation of security solutions.
Provide for the routine maintenance, patching, major updates, and other administrative considerations for security tooling.
Exposure Management and Integrations
Serve as technical subject matter expert for implementation and maintenance of Exposure Management Tools (i.e. Vulnerability Management, Cloud Security Posture Management, Software as a Service Security Posture Management, Policy Compliance, Attack Surface Management) and Unified Vulnerability Management reporting tools
Utilize knowledge of tools listed above and security best practices to detect, analyze, and report vulnerabilities to internal stakeholders to drive visibility and remediation
Create custom script-based solutions to deliver necessary data and functional integrations between tools, automate manual tasks, and supplement gaps in existing tools and disparate data sets
Contribute to the development of automation and orchestration commands in security platforms such a Security Orchestration and Automation (SOAR)
Advise on security strategy and operational plans; execute as technical SME
Optimize tooling to meet security and operational initiatives and business objectives
Identify and implement and manage native integrations between technology solutions, resulting in increased leverage of network and email security tools and capabilities
Collaborate with internal stakeholder organizations to support them with data, functionality, and improvements delivered by tools and processes within area of responsibilities
Minimum Requirements
Education
- High School Diploma or equivalent required
Certifications
- Prefer at least one of the following certifications: Security+, Network+, GSEC, Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), CISSP
Experience
Minimum five (5) years of Cyber Security experience, preferably in a Security Engineer position with hands-on Exposure Management and Integration Engineering responsibilities.
Preferred experience with the following:
Implementing and managing Vulnerability Management and Policy Compliance platforms such as Qualys, Rapid7, and Crowdstrike
Implementing and managing Cloud Security Posture Management tools such as Crowdstrike, Orca, Wiz, and Prisma Cloud
Creating and using sourced scripts and code to build integrations, orchestration, automation, and data transform between a variety of tools and data sources; preferred experience with Python and Powershell
Creating and updating automation and orchestration commands to facilitate efficient incident response as part of a Security Orchestration Automation and Remediation (SOAR) platform
Security compliance frameworks (NIST, CIS, etc.)
Applying the aforementioned skills and experience in cloud environments (Azure and AWS preferred)
Deep technical background in one or more foundational IT concepts (network, server, AppDev, DevOps, Cloud platforms, Data Analytics)
Knowledge, Skills and Abilities
Demonstrated knowledge of a wide variety of technical concept areas such as data center, cloud, endpoints, and application services
Demonstrated strong knowledge of Python and/or other scripting languages (Powershell preferred)
Demonstrated strong knowledge of vulnerability management concepts including CVEs, CWEs, and compliance based policy evaluations (i.e. CIS, NIST, PCI)
Demonstrated knowledge of modern threat actors, malware, and TTPs
Computer literate and proficient with MS Office, Word, Excel, and Power Point
Work Conditions
When considering the work environment associated with this job, the following factors may apply:
Work Environment
Work is primarily indoors
Professional dress is required when in contact with families.
Work Postures
Frequent, continuous periods of time sitting or standing, up 6 hours per day
Frequently climbing stairs to access buildings
Physical Demands
- Physical effort requiring manual dexterity is required, includes paperwork, calculators, computers and phone usage
Work Hours
May work beyond standard hours as business needs arise
Limited amount of local travel
Rotational on-call responsibilities
Postal Code: 77019
Category (Portal Searching): Information Technology
Job Location: US-TX - Houston
Job Profile ID: C00874
Time Type: Full time
Location Name: SCI Corporate Office II