Sign upLog in

IT SPECIALIST - SR. IT SPECIALIST - Cybersecurity

Southwest Research Institute

San Antonio, TX

Apply
JOB DETAILS
JOB TYPE
Full-time, Employee
SKILLS
Analysis Skills, Application Programming Interface (API), Automation, Cloud Computing, Computer Security, Data Analysis, Driver's License, Endpoint Security, Enterprise Protection, Firewalls, High School Diploma, IR (Infrared), Incident Response, Information Systems/Technology IS/IT Administration, Information Technology & Information Systems, Internet Application, Internet Security, Intrusion Prevention Systems, Linux Operating System, Load Balancing, Microsoft Product Family, Microsoft Windows Desktop, Microsoft Windows Server, NeXT Systems, Network Administration/Management, Network Security, Network Support, Penetration Testing, Scripting (Scripting Languages), Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Subnetting, System Lifecycle, System Operations, Systems Administration/Management, TCP/IP (Transmission Control Protocol/Internet Protocol), Technology Analysis, Test Program, VLAN (Virtual Local Area Network)
LOCATION
San Antonio, TX
POSTED
12 days ago
Who We Are:

Cybersecurity Operations’ mission is to secure the enterprise by evaluating, implementing, and operating a full suite of tools and services. We are responsible for configuring, engineering, administering, and supporting network and endpoint security systems. Operations include firewalls, intrusion prevention and incident response as well as security orchestration and automation. As part of the Cybersecurity team, the candidate will be part of the technology assessment and implementation process as well as operations and response, candidates will engage in the full security system lifecycle.

Objectives of this Role:
  • Provide cybersecurity analysis and support in an Enterprise environment.
  • Deploy, configure, and maintain security applications.
  • Maintain and provide continuous security configurations of cybersecurity infrastructure.
  • Research, recommend, evaluate, and deploy new cybersecurity technologies and capabilities.
Daily and Monthly Responsibilities:
  • Participate in daily review of alerts and incident response (IR) activities.
  • Effectively document system configurations, findings, and results of IR activities.
  • Monitoring and maintaining Endpoint Protection and Response (EDR) and Security Orchestration, Automation and Response (SOAR) systems, Enterprise Vulnerability Management and Penetration Testing programs.
  • Monitoring and maintaining Next Generation firewall systems and policies and L3/L7 Load-balancing and Web Application Firewall (WAF).
  • Support and management of Privileged Access Management (PAM) solution.
  • Participate in the support and management of the Enterprise Security Information Event Management (SIEM) solution to include advanced reporting, data analysis and correlation.
  • Participate in the support and configuration of the security for Microsoft O365 Entra ID cloud services.
Requirements:
  • Requires a Bachelors degree in Cybersecurity, IT Operations, or related degree with relevant experience. In lieu of a Bachelors degree 5 years of Cybersecurity and/or IT administration experience. a high school education or equivalent and related certifications is required.
  • 3 years: Relevant Cybersecurity and/or IT administration experience with a Bachelors degree.
  • 3-7 years: Experience working with incident response and/or network security platforms such as Endpoint Protection, Threat Intelligence, Security Orchestration Automation and Response.
  • 3-7 years: Experience with administration of modern operating systems (e.g.- Windows Server, Windows Desktop and Linux).
  • Experience with network fundamentals (TCP/IP, Vlans and network subnetting) as well as scripting, development, and utilizing application programing interfaces (API).
  • A valid/clear driver's license is required.

About the Company

S

Southwest Research Institute