Muckleshoot Indian Tribe
Senior Systems Security Engineer
Muckleshoot Indian Tribe is seeking a Senior Systems Security Engineer to ensure the confidentiality, integrity, and availability of their computer systems and information. The role involves securing internal and cloud information systems, maintaining compliance with cybersecurity best practices, and collaborating with IT staff and community members.
Government Administration
Responsibilities
Design, engineer, and architect all aspects of systems security, business continuity and disaster recovery
Monitor all security solutions, investigate all alerts, and respond appropriately to all identified security threats, incidents, and/or compromise
Research, develop and implement a secure AI strategy from the perspective of systems security
Maintain the accuracy and success rate of all vulnerability and patch management solutions
Manage, configure, and operate the SIEM/SOAR security solution
Conduct security scans and penetration testing to validate and remediate the security posture of information systems
Conduct threat hunting within our internal systems environment
Develop a training apprenticeship program to build in-house cybersecurity skillsets for junior personnel. Provide on-the-job mentorship, and create training material and virtual labs
Because of the Tribe's commitment to community service and the well-being of its members, each employee may be expected to perform a wide range of office and field duties from time to time. Such duties may or may not be related to their regular responsibilities
Qualifications
Required
Master's degree in Computer Science or a closely related field and four (4) years of related industry experience; or Bachelor's degree in Computer Science or a closely related field and six (6) years of related industry experience; or Associate's degree in Computer Science or a closely related field and eight (8) years of related industry experience; or Ten or more (10+) years of directly related industry experience in lieu of a degree
Strongly desired: ISC2 - Certified Information Systems Security Professional (CISSP)
Strongly desired: Microsoft - Cybersecurity Architect Expert (SC-100)
Strongly desired: ISACA - Certified Information Security Manager (CISM)
Strongly desired: CompTIA - CompTIA Advanced Security Practitioner (CASP+)
Research and recommend patching for known threats and zero-day vulnerabilities
Conduct internal information system risk assessments to recommend and implement changes to procedures, systems, or infrastructure to enhance security and/or address non-compliance with information security standards
Research new technology requests and recommend appropriate security guidance
Recommend new technology and tools to advance the overall security posture and adapt to the emerging threat landscape of our environment
Provide security training and awareness campaigns to help educate staff
Manage the risk registry and provide appropriate recommendations and accountability
Assist and provide guidance to lower-level team members with assigned duties and responsibilities
Assist and take instruction from direct leadership with duties and responsibilities as assigned
Requires ability to appropriately manage and handle highly confidential information
Requires ability to remain focused, self-motivated, and initiative-taking while working independently or on a team, regardless of working onsite or remotely with little to no instruction
Requires planning, organizing, and working on multiple tasks at one time with tight time constraints
Requires ability to identify the most important tasks and prioritize accordingly
Requires ability to implement a logical and structured approach to time management
Requires ability to demonstrate a high level of professionalism and show respect to all co-workers, patients, business partners, and members of the public
Requires ability to demonstrate a strong collaborative mindset, share knowledge, and function as a contributing member of the team
Requires ability to work effectively with all levels of the organization and to apply a broad technical understanding, while providing excellent customer service
Requires ability to demonstrate a high level of communication skills, both verbal (meeting organizer, training, etc.) and written (E-mail, IT policy, documentation, etc.) to C-level executives, auditors, end users, and engineers
Requires ability to quickly learn, conduct own research as necessary, and retain information
Requires ability to quickly understand information systems to identify and validate security requirements
Requires ability to stay up to date on all current cybersecurity events and zero-day exploitations
Requires ability to demonstrate strong critical-thinking and problem-solving skills
Requires ability to demonstrate acute attention to detail
Professional experience with penetration testing and Kali Linux
Professional experience with various AV/EDR, SIEM/SOAR and SOC management
Professional experience with vulnerability management and patch management
Professional experience with hardening ADUC, GPM, and OS environments such as Windows, Linux, macOS, VMware, etc.
Professional experience with ADFS, SAML, API, SSO, and MFA
Professional experience with scripting languages and automation such as Python, PowerShell, etc
Professional experience with Azure, M365, Defender for Identity, Purview, Intune, and Entra ID
Professional experience with ADCS, PKI/certificate authority, and OpenSSL
Professional experience with HA and BCDR
Professional experience with security frameworks such as NIST and CIS Controls, as well as regulations such as PCI-DSS, HIPAA, and FERPA from the perspective of systems security
Preferred
OffSec - Offensive Security Certified Professional (OSCP)