Overview:
The Senior Cybersecurity Engineer designs, implements, and maintains security controls to protect Alterman’s information assets. This role leads security engineering initiatives, supports advanced threat detection and response, mentors security staff, and serves as an escalation point for complex security issues. The Senior Cybersecurity Engineer partners with technology teams to embed security into systems and processes. Documentation is central to this role; the Senior Cybersecurity Engineer is expected to thoroughly document all security processes, procedures, configurations, decisions, and operational activities.
Essential Functions:
1. Security Engineering & Architecture: 25%
- Designs, implements, and integrates security solutions, including SIEM, EDR, DLP, and network security technologies, for systems, applications, and infrastructure.
- Develops, maintains, and enforces security architecture documentation, standards, and automation for security operations and incident response.
- Evaluates and recommends security tools and technologies.
- Conducts security assessments and penetration testing.
2. Threat Detection & Response: 20%
- Leads advanced threat hunting, detection, and response activities, including the development and tuning of detection rules, alerts, and correlation logic.
- Performs root cause analysis and leads incident response activities for complex security events.
- Develops and maintains incident response playbooks and procedures.
- Coordinates with external parties, including vendors and law enforcement, during incidents.
3. Access Controls & Identity Management: 15%
- Designs, implements, and manages enterprise IAM solutions, including directory services, SSO, MFA, PAM, and hybrid identity environments.
- Develops, enforces, and governs access controls, including conditional access policies, RBAC models, and access certifications.
- Manages Active Directory, Entra ID, and hybrid identity configurations.
- Administers single sign-on (SSO) and federation services.
- Manages privileged access management (PAM) solutions and policies.
- Partners with HR and business units on joiner, mover, and leaver processes.
- Troubleshoots complex authentication and authorization issues.
4. Compliance & Documentation: 15%
- Supports compliance with regulatory requirements and industry standards (CMMC, SOC 2, NIST) by maintaining documentation, evidence, and audit artifacts.
- Coordinates audit activities, including evidence collection and interviews.
- Supports risk management activities, including enterprise risk assessments, vendor risk reviews, and maintenance of the risk register.
- Develops and maintains security policies, standards, and procedures.
- Monitors policy compliance and manages exceptions.
- Supports security awareness program activities and phishing simulations.
- Tracks and reports on compliance and risk metrics.
5. Vulnerability Management: 10%
- Leads vulnerability management activities, including scanning, assessment, prioritization, remediation tracking, and reporting of vulnerability metrics and trends.
- Partners with IT teams to ensure timely patching and remediation.
6. Mentorship & Collaboration: 10%
- Provides mentorship, technical guidance, and training to Cybersecurity Engineers and other IT staff.
- Partners with Infrastructure, Applications, and Service Desk teams on security matters.
- Serves as an escalation point for complex security issues.
7. Performs other duties as assigned: 5%
Education and Experience:
- Minimum of 5-7 years of experience in cybersecurity, security engineering, identity management, or related IT roles required; OR minimum of 7 years of progressive IT experience with security focus.
- Bachelor's degree in Computer Science, Information Security, Information Technology, or related field preferred; equivalent combination of education and experience will be considered.
- Security-related certifications required (e.g., CompTIA Security+, CySA+, CEH, or GIAC certifications); senior-level certifications such as CISSP or CISM preferred.
- Additional certifications preferred (e.g., Microsoft Identity SC-900/SC-300, CRISC, CISA, CGRC).
- Familiarity with compliance frameworks required (NIST, ISO 27001, SOC 2, CMMC).
Skills/Abilities:
- Expert communication skills with the ability to explain complex security concepts to technical and non-technical audiences and translate technical risk into business-impact language.
- Strong analytical and problem-solving skills.
- Demonstrated ability to mentor and coach technical staff.
- Able to perform effectively under pressure during active security incidents and participate in on-call and after-hours response activities as required.
- Strong ability to develop and maintain security automation and scripting (e.g., Python, PowerShell, Bash).
- Deep understanding of attack techniques, threat actors, defensive strategies, and modern threat detection methods.
- Deep understanding of authentication and identity protocols (e.g., SAML, OAuth, OIDC, Kerberos).
- Strong technical writing skills for developing policies, standards, procedures, and compliance documentation.
- Able to plan, coordinate, and execute security initiatives using effective organizational and project management skills.
- Strong ability to work with enterprise security technologies (e.g., SIEM, EDR, network and cloud security controls, vulnerability management tools, penetration testing platforms, threat intelligence solutions, security orchestration and automation).
- Strong ability to work with identity and access management technologies (e.g., Active Directory, Entra ID, SSO, MFA, PAM, identity governance platforms, zero trust architectures).
- Familiarity with governance, risk, and compliance platforms and tools (e.g., GRC systems, security awareness platforms, documentation and workflow tools).
Work Environment:
- Office environment.
- May require occasional evening or weekend work for critical updates or incident response.
Physical Demands:
- Prolonged periods of sitting at a desk and working on a computer.
- Must be able to lift up to 15 pounds at times.
- Manual dexterity associated with computer data entry required.