ALS provides a broad range of testing and analytical services to a wide variety of end markets and industries around the globe. We continue to remain at the forefront of the testing services industry, building an enviable reputation.
Position Duties and Scope:
The Cyber Security Engineer will coordinate, develop, evaluate, implement, and administer security and compliance programs and policies. This individual will be primarily responsible for ensuring that proper IT security monitoring and other requisite compliance/controls are applied to the technology systems in accordance with established policies, procedures, and standards.
- Work with regional IT leaders and staff to identify, understand, plan and implement security measures, controls, and procedures. This includes the design of secure and stable systems, enhancements, and support processes/systems to meet external and internal customer requirements.
- Develop, implement, and maintain company security policies and incident management & response procedures.
- Ensure the implementation of monitoring and controls to protect integrity and availability of information services for the business.
- Create action plans to implement relevant tools and processes. Work closely with the appropriate IT Operations staff to execute and support these plans/actions.
- Review, update, and manage the documentation, testing and validation of security controls.
- Assist technical teams with administration/implementation of secure systems, including intrusion detection/prevention, data leakage prevention, content filtering, firewall compliance, vulnerability, and security event management.
- Administer intrusion detection and prevention systems.
- Actively monitor security access; monitor systems and networks for potential intrusion and inappropriate internal and external access.
- Analyze security breaches to determine their root cause. Prepare and review reports of security incidents.
- Lead security audits.
- Manage remediation plans toward closure.
- Provide security status reports to the CIO and Chief Risk and Compliance Officer.
- Provide guidance and support for the Service Desk and IT Support staff in the handling of security related issues.
- Develop and deliver training and awareness programs on security policies and protocols.
- Stay up-to-date on the latest intelligence, including hackers’ methodologies, to anticipate security breaches.
- Contribute to the ongoing improvement of IT services.
Occupational Health & Safety Responsibilites:
- Understand and adhere to ALS requirements for health and safety.
- Bachelor’s degree in computer science or related field is preferred.
- Relevant certifications such as CISSP, CISM, CISA, …
- 5-9 years’ experience with cyber security and audit in an international organization.
- Very good knowledge of Office 365 security configurations is highly preferred.
- Strong working knowledge of cyber security and security technology including perimeter systems, endpoint protection, backup, archiving and reporting tools.
- Experience with Forensics – investigation and analysis of how and why a breach or other compromise occurred.
- Specific knowledge of security compliance and frameworks including ISO/IEC: 27002, COBIT and data protection legislation. SOX, SAS70, SSAE 16, SOC1, or SOC2 audit experience a plus.
- Knowledge of and experience in the following:
- Cisco/Check Point/Fortinet/Meraki Firewalls and IDS systems.
- DLP, AV and anti-malware – an understanding of the tools used to protect the organization.
- TCP/IP, computer networking, routing and switching – an understanding of the fundamentals: the language, protocol and functioning of the internet.
- Endpoint protection technologies and techniques.
- Access control methodologies (MAC, DAC, RBAC).
- IDS/IPS systems, SIEM tools and network scanners.
- Troubleshooting – the skill to recognize the cause of a problem.
- Understanding risk profiles and mitigation strategies.
- Experience developing and documenting policy and procedures for information security and service continuity.
- Excellent communication (oral, written, presentation), interpersonal, and consultative skills.
- Active participation in relevant industry and professional associations.
- Ability to grow with the needs of the organization and the executive team. Occasional out of hours work to meet business needs.
- Successful applicant will be required to undergo a security background check with a clean result.
- Participation in on-call rotation within the operations team
We would like to thank everyone for their interest in ALS but only candidates selected for an interview will be contacted.
'ALS is proud to be an equal opportunity employer committed to achieving and maintaining a workforce which reflects and affirms the diversity of our society'
ALS is a VEVRAA Federal Contractor.
EOE AA Minority, Female, Veteran, Individuals with Disabilities
Click URL blocked - click to apply to view the EEO is the Law poster
Click URL blocked - click to apply to view the FMLA Law poster
Click URL blocked - click to apply to view the EPPA Law Poster
Click URL blocked - click to apply to view the Pay Transparency Provision
Click URL blocked - click to apply to view company E-Verify Participation Poster
Intrusion Detection And Prevention