CAI

Cybersecurity Specialist

Req number:

R1668

Employment type:

Full time

Worksite flexibility:

Onsite

Job Summary

We are looking for a Cybersecurity Specialist to ensure that the architecture and design of the development and operational systems are functional and secure. This position is full time, and onsite, and is a 12 month contact with a probable extension.

Job Description

We are looking for a Cybersecurity Specialist to ensure that the architecture and design of the development and operational systems are functional and secure. This position is full time, and onsite, and is a 12 month contact with a probable extension.

This is an onsite, office position based in downtown Pittsburgh, PA.

• The Cybersecurity Specialist will ensure that the architecture and design of the development and operational systems are functional and secure.
• This role is also responsible for the continued improvement and development of the service, including developing cybersecurity technical standards and architectural patterns.
• This person must be able to draw from a deep background in enterprise technology and security principles and solutions, as well as their understanding of the business, to clearly articulate and discuss identified business risks and various options for mitigating those risks.
• Communicates cybersecurity risks and solutions to business partners and IT staff as needed

What You'll Do

• Design network and application vulnerability assessment programs and testing methodologies.
• Perform technical risk assessments for enterprise systems and report gaps and remediation actions. The analysis includes automated testing using standard tools as well as manual testing and interrogation of web-based applications.
• Design and configure Intrusion Prevention Systems and passive Intrusion Detection Systems. 
• Configure Security Information and Event Management (SIEM) platforms to include obtaining data from endpoints and network devices and generating reports. Create automated workflow to address security related incidents.
• Perform regulatory compliance audits, including HIPAA and PCI. Report findings and advise on remediation efforts. Assist in preparing business application owners prior to Penetration test exercises.
• Lead advisement and interpretation of emerging regulations and legal requirements. Research, monitor, and advise on emerging security threats and developments that affect business systems or network infrastructure.
• Lead and advise on security related updates for endpoint applications and server applications, as well as vendor-supplied or proprietary security patches. Responsible for coordination with various teams to ensure patches are deployed in a timely manner based on risk assessment to the organization.
• Design and maintain various cryptographic solutions including x.509 based certificate cryptography, PGP/GPG PKI infrastructure, TLS/SSL tunneling solutions, endpoint encryption and other cryptographic solutions on multiple platforms, both at rest and in motion.
• Perform penetration testing on multiple platforms and network environments following industry frameworks.
• Review firewall rules and access control lists for appropriate access — this may include port and protocol analysis to best determine scope of access rules.
• Assist in creating and maintaining information security policies, including technical and administrative policies.
• Develop and maintain a DHS cybersecurity awareness training and education program.
• Document and address the organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.
• Conduct research on new security technologies and products, both open source and vendor proprietary.

What You'll Need

• Experience with various security tools, including intrusion detection systems, SIEM systems, and firewalls.
• Proven experience in incident response, vulnerability management, or network security.
• Expert knowledge of cybersecurity applied to cloud, data, applications, platforms, operating systems, and networks.
• Expertise in cloud security, especially Software-as-a-Service (SaaS) and Platform-As-A-Service (PaaS), and the related security implications and control approaches.
• Strong working understanding of cybersecurity architectural principles and models.
• Knowledge of network security, penetration testing, intrusion detection/prevention, malware analysis, and encryption.
• Ability to navigate a matrixed environment and building cross-functional relationships.
• Ability to communicate effectively with all levels of staff.
• Bachelor’s degree in computer science or a related field.
• 7+ years of Information Technology and cybersecurity experience, with a minimum of 4 years within cybersecurity (Preferred).
• Industry certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC Security Essentials (GSEC), Certified Information Security Manager (CISM).

Physical Demands

• Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state, and local standards
• Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc.
• Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor.

Reasonable Accommodation Statement

If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to application.accommodations@cai.io or (888) 824 – 8111.

Equal Employment Opportunity Policy Statement

It is the policy of CAI not to discriminate against any employee or applicant due to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or being a protected veteran. It is also the policy of CAI to take affirmative action to employ and to advance in employment, all persons regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or being a protected veteran, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment. Employees and applicants of CAI will not be subject to harassment due to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or being a protected veteran. Additionally, retaliation, including intimidation, threats, or coercion, because an employee or applicant has objected to discrimination, engaged or may engage in filing a complaint, assisted in a review, investigation, or hearing or have otherwise sought to obtain their legal rights under any Federal, State, or local EEO law is prohibited.