Job Purpose Statement

ENGS Commercial Finance is seeking an experienced Cyber Security Specialist to provide overall information security analytical support services for the ENGS IT Infrastructure, including Network, Email, and Application Systems.

Performs advanced analysis of adversary tradecraft, malicious code, and capabilities. Provides cyber threat and intelligence analysis and develops briefings and reports to distribute and aid in information sharing and protection efforts. Develops and maintains subject matter expertise of Advanced Persistent Threats and assists with Incident Response efforts.

Serves as the expert responsible for providing cyber threat and intelligence technical support for all ENGS locations. Required to provide support to monitor, correlate, identify, analyze, mitigate, manage and track processes for all security incidents.

Responsibilities

  • Plan, implement, upgrade, and/or monitor security measures for the protection of ENGS Commercial Finance computer networks and information systems
  • Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
  • Respond to Classified Message Incidents (computer security breaches and viruses) in a timely manner using current ENGS Security policies, procedures and regulations
  • Proficient in Risk Management Framework terminology, processes, characterization models, etc.
  • Analyze alerts from various enterprise level sensors and determine possible causes of alerts
  • Create and lead processes that support the analysis of log files from a variety of enterprise level systems and sensors, including individual host logs, network traffic logs, firewall logs, and intrusion detection / prevention system logs
  • Monitor external and internal data sources to maintain enterprise threat conditions
  • Provide advanced network event analysis and intrusion analysis
  • Work with cross-functional disciplines to develop a Cyber Security Plan
  • Implement and document industry standard prevention, detection, and response measures
  • Work with third parties to coordinate annual penetration testing
  • Lead efforts to implement recommendations from penetration tests
  • Attend conferences and other Cyber Security Educational training to ensure the company remains current in understanding evolving cyber threats, best practices and avoidance techniques

Qualifications

  • Bachelor of Science degree in information technology or related field
  • Five to seven (5-7) years of relevant experience in related field
  • Experience with regulatory requirements (SOX / Privacy / Banking)
  • Ability to brief/work with IT leadership and high-level stakeholders
  • AlienVault experience (AlienVault Anywhere preferred)
  • TrendMicro – experience a plus
  • Thycotic – experience a plus
  • Certifications – CISSP or CCSP a plus

Department: Information Systems