32 applicants

Company

Center for Internet Security · 23 hours ago

Cybersecurity Engineer, Benchmarks (Linux) - Remote

United States

Full-time

Remote

Mid Level

4+ years exp

Maximize your interview chances

AssociationCyber Security

Insider Connection @Center for Internet Security

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Lead and contribute to multiple public volunteer teams identifying, defining, testing, and documenting security requirements for key Linux/Unix technologies (security relevant configuration settings)

Leverage CIS tools to develop, test, and deliver Benchmark prose (Microsoft Word, PDF, and Microsoft Excel), AAC (InSpec, SCAP, XCCDF, OVAL, etc.), and Build Kits (Ruby, Python, Bash, etc.)

Coordinate internal/external resources for development and testing of Benchmark deliverables, and directly contribute to achieve deliveries on schedule (based on technical expertise)

Develop test plans for Benchmark recommendations, AAC, and Build Kits

Coordinate testing internally/externally and validate results

Mentor and coach junior team members in a technical capacity

Other tasks and responsibilities as assigned

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

LinuxUnixShell scriptingPythonBashInSpecAnsibleCybersecurity conceptsCIS BenchmarksSecurity testingProject managementConfiguration managementRuby(ISC)2 CISSPPMI PMPSecurity policySCAPJiraConfluenceAgile processes

Required

Bachelor's degree in a related field

4+ years of hands-on experience managing/administering multiple computer systems in an enterprise (Linux and/or Unix)

3+ years of shell scripting development/debugging experience in Linux and/or Unix environments (Bash, Python, InSpec, Ansible, etc.)

2+ years of team leadership experience including project management, coaching, and mentoring

2+ years of experience in the practical application of cybersecurity concepts including implementing and/or assessing network, application, and/or operating system security controls

Experience working in a diverse geographically distributed community (open-source software development, standards development, etc.)

Experience developing or implementing standardized configuration security guidance (CIS Benchmarks, DISA STIGs, vendor guidance, etc.)

Experience with testing software and/or system security configurations

Must be authorized to work in the United States

Preferred

Linux configuration management experience (InSpec, Chef, Puppet, Ansible, etc.)

Python and/or Ruby programing experience

(ISC)2 CISSP certification

PMI PMP certification

Experience developing and enforcing security policy across an enterprise (PCI, HIPAA, NIST CSF, etc.)

Experience within the security automation domain, including expertise in Security Content Automation Protocol (SCAP) related schemas, such as Open Vulnerability and Assessment Language (OVAL), Extensible Configuration Checklist Description Format (XCCDF), Common Configuration Enumeration (CCE) and Common Platform Enumeration (CPE), Open Security Controls Assessment Language (OSCAL), etc.

Proficiency using Atlassian products Jira and Confluence

Experience with Agile processes

Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.