Apply on Employer Site

UCOR · 1 day ago

Cybersecurity Specialist/Engineer

Oak Ridge, TN

Full-time

Onsite

Senior Level, Lead/Staff

$100K/yr - $125K/yr

10+ years exp

UCOR, a leading entity in environmental cleanup, is seeking a highly experienced and strategic Cybersecurity Specialist/Engineer to join our critical information security team. This role is pivotal in safeguarding the digital infrastructure and sensitive data, requiring a professional with a deep understanding of advanced cyber threats and robust defense mechanisms.

CleanTechEnvironmental EngineeringWaste Management

Responsibilities

Lead the development and implementation of enterprise-wide cybersecurity strategies, policies, and best practices

Architect and deploy advanced security solutions, ensuring alignment with organizational objectives and regulatory requirements

Conduct in-depth vulnerability assessments, penetration testing oversight, and proactive threat hunting to identify and remediate sophisticated attack vectors

Direct and manage complex security incidents, from detection and analysis to containment, eradication, recovery, and post-incident review

Design and enforce robust identity and access management frameworks, including multi-factor authentication and privileged access management

Develop and implement secure network architectures, including advanced segmentation, intrusion detection/prevention systems (IDS/IPS), and perimeter defenses

Leverage advanced cyber threat intelligence to anticipate, detect, and neutralize emerging threats, protecting critical data and systems

Establish and maintain data classification, encryption, and data loss prevention (DLP) strategies for data at rest, in transit, and in processing

Lead comprehensive risk assessments, develop mitigation strategies, and present findings to senior leadership to inform strategic decision-making

Drive continuous improvement through the evaluation and adoption of new security technologies and methodologies

Mentor and provide technical leadership to junior cybersecurity personnel

Qualification

Cybersecurity strategiesVulnerability assessmentsIncident responseNetwork security controlsCloud SecurityScripting languagesCybersecurity toolsCryptographic principlesRisk assessmentsAnalytical skillsEthical mindsetIdentity governanceCompliance knowledgePenetration testingCommunication skillsMentoringAdaptability

Required

Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related discipline and 10+ years of progressively responsible experience in cybersecurity; OR

Associate's degree or technical diploma/degree in Information Technology or a related field and 14+ years of relevant experience in cybersecurity; OR

18+ years of Enterprise-level IT experience with a significant focus on cybersecurity administration, support, and oversight

Expert-level understanding of the technical intricacies of data transmission and advanced data security architectures

Deep technical expertise in network and system administration, encompassing complex enterprise environments

Advanced technical knowledge of network security controls, including sophisticated Virtual Private Networks (VPNs), firewalls, and intrusion detection systems

Comprehensive technical knowledge of Cloud Security principles (SaaS, PaaS, IaaS), Internet of Things (IoT) security protocols, and Artificial Intelligence (AI)/Machine Learning (ML) security implications

Mastery of operating systems and virtualized environments, including Windows, Linux, and containerization technologies

Proficiency in scripting and programming languages relevant to cybersecurity (e.g., Python, PowerShell)

Extensive experience with advanced cybersecurity tools and frameworks, such as SIEM platforms, EDR/XDR, SOAR, and forensic tools

Advanced understanding of cryptographic principles and their application in securing data and communications

Exceptional analytical and problem-solving skills with meticulous attention to detail

Demonstrated ethical mindset and unwavering commitment to information security principles

Proven ability to rapidly adapt to evolving technologies and sophisticated security threats

Expertise in managing complex identity and access governance programs

Comprehensive knowledge and practical experience in leading threat detection, vulnerability analysis, incident response, and disaster recovery efforts

In-depth understanding of cybersecurity frameworks (e.g., NIST, ISO 27001), regulatory compliance (e.g., NERC CIP, RMF), and industry best practices

Proficient in advanced penetration testing methodologies and red team/blue team exercises

Superior communication skills, with the ability to articulate complex technical concepts to diverse audiences and produce clear, concise reports