The Cyber Security Engineer is responsible for the confidentiality, integrity, and availability of all security systems owned or operated by National Geographic Society. These responsibilities include Firewall/IDS/IPS, VPN, SIEM, antivirus/malware, vulnerability management, encryption, DLP, CASB and cloud security in SaaS/PaaS/IaaS environments. Participates in supporting network access and authorization infrastructures and services including NAC, SSO, MFA, as well as endpoint device security and user security awareness training. Coordinates activities of managed security providers and cloud-based services, including threat intelligence, social media and brand protection, and incident response.
Additional responsibilities include management of technical controls for compliance programs such as PCI-DSS and GDPR including routine environment audits, gap analysis and remediation, process documentation, and submission of completed documents to appropriate regulatory oversight organizations.
Works with solutions architects, system administrators, consultants, and vendors to build, configure, test and implement security solutions that meet the enterprise’s business needs and are aligned and consistent with corporate security policies, enterprise IT strategies and plans. This role will take ownership of incident tickets and service requests and work with end-users and IT staff for resolution/fulfillment. Additional responsibilities include working with network, server and application administrators on secure application and workflow design, wireless scanning and rogue access point detection, and testing/hardening existing systems via penetration test exercises. Additionally, the position will participate in on-call support rotations for non-business hours.
Infrastructure Security (30%)
- Administration and engineering of all network security hardware and software including firewalls, intrusion detection/prevention, information/event log management/analysis, antivirus/malware, access control.
- Design, implementation, and management of security configurations at the host, service, storage, and database layers for both on-premises and cloud-based environments, including server/device hardening, configuration file management, encryption, auditing and monitoring.
- Participation in Internet edge security including traffic analysis, DDoS mitigation, secure DNS, and partnerships with ISPs and CDNs.
- Participation in security architecture development including network, host, and application stack design as well as secured data flow.
- Participation in system performance analysis, system instrumentation/management, and change management activities.
Endpoint & Applications Security (30%)
- Design, implementation, and management of workstation and mobile security including encryption, security templates/scripts, antivirus/malware, host firewall and intrusion detection/prevention, application control policies, data loss prevention, and remote wipe/anti-theft controls.
- Design, implementation, and management of on-premises and cloud/SaaS application security including application patching and hardening, access control and identity management, security assessments and audits.
- Design, implementation, and management of secure web development SDLC including pre- and post-release scanning, API key management, and data encryption/obfuscation.
- Participation in risk and security assessments of new and existing applications developed by internal teams, third parties, or COTS providers.
Vulnerability Management & Incident Response (20%)
- Administration and engineering of vulnerability management programs including scanning, patching/remediation, and penetration testing.
- Participation in user-centric security programs including password cracking, phish testing, and security awareness training.
- Participation in formal and ad-hoc computer emergency response and incident response teams, including tabletop exercises and disaster recovery testing.
Third Party & Remote Access Management (10%)
- Design, implementation, and management of all secure data connections to third parties including network design, encryption, access control, and auditing.
- Participation in designing and delivering secure remote access to employees via VPN, including client/clientless access and multi-factor authentication.
Privacy/Audit/Compliance (10%)
- Engineering and management of encryption programs at both hardware and data layers including hard disk encryption, database/file/message encryption, key management, PKI and SSL/TLS certificate management.
- Management of regulatory compliance programs including PCI-DSS and GDPR.
- Participation in all routine and ad-hoc activities related to system and data integrity.
- Minimum of five years’ experience with network security administration as well as implementation of appropriate data/host-based security layers within a heterogeneous computing environment. Comfortable working in cloud-first / consumerized technology environments and integrating Apple products into enterprise security programs. Experience with responding to security breaches and other outages including proactive risk mitigation, incident response, and forensics. Background with Linux and open source tools, as well as active security community participation.
Knowledge and Skills Required
- In-depth knowledge/experience with enterprise security systems administration and engineering, particularly with products from Palo Alto Networks, Cisco, and other major vendors. Strong experience with securing infrastructure products from Aruba, Brocade/Extreme, VMware, NetApp, Dell, as well as Amazon Web Services and Google Cloud Platform. Strong experience with securing endpoint devices including Windows, Mac OS X, Chrome, iOS, Android as well as IoT. Broad knowledge of secure web site code development/deployment including OWASP best practices, web SDLC and static/dynamic code scanning, data masking/obfuscation/tokenization, API and encryption key handling. Familiarity with cloud-based security tools and service providers including Okta, Cisco Cloudlock, Vera, and Rapid7.
- Ability to function in a dynamic environment subject to changes in schedules and priorities. Ability to participate in multiple projects concurrently from inception to completion with limited management supervision. Excellent oral and written communication skills. Ability to interact positively and productively with teams across organizational lines. Strong customer service, troubleshooting and problem-solving skills a must. ITIL v3 certification and/or experience with IT Service Management a plus.