PrismHR is hiring a
Senior Cybersecurity Engineer

Summary

The job is for a Cybersecurity Professional in PrismHR, a fast-growing SaaS company. The role involves managing and administering cybersecurity solutions, performing system administration tasks, identifying potential conflicts with implementation of any cyber defense tools, executing penetration tests, preparing comprehensive reports, and collaborating with stakeholders to design and establish a penetration testing program.

Requirements

• 5 to 7 years of experience in securing IT systems with 3 years of direct cybersecurity experience
• 2 years of experience securing or utilizing one of the major cloud platforms (Azure, AWS, and GCP) is desired
• Familiarity with computer networking concepts, protocols, and network security methods
• Understanding of scripting and coding techniques (e.g., Python, JSON, APIs, etc.)
• Awareness of cyber threats and vulnerability management
• Proficiency in data backup and recovery to restore systems/platforms
• Experience with email security filtering
• Grasp of cybersecurity and privacy principles
• Expertise in Virtual Private Network (VPN) security
• Acquaintance with web application filtering technologies
• Comprehension of security architecture concepts and principles based on defense-in-depth
• Insight into identity and access management concepts, processes, and integrations
• Mastery of web application security concepts, tools, and methods
• Familiarity with pen testing tools, processes, procedures, and best practices
• Understanding of system, network, and OS hardening techniques
• Experience with security logging for both on-premise, bare-metal, and cloud-based platforms
• Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), and Secure Web Gateways (SWG)
• Proficiency in endpoint protection and management

Responsibilities

• Coordinate with Cyber Defense resources, Infrastructure teams, and Application/Product leads to manage and administer the updating of rules and signatures for the various cybersecurity solutions
• Perform system administration and management on specialized cyber defense applications and systems to include installation, configuration, maintenance, backup, and restoration
• Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources
• Assess the impact of implementing and sustaining cyber defense infrastructure
• Administer test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s)
• Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization)
• Collaborate with stakeholders to design and establish a penetration testing program tailored to internal needs
• Execute penetration tests using a variety of tools and techniques, simulating real-world attacks
• Prepare comprehensive reports summarizing test results, including identified vulnerabilities, risk ratings, and recommended remediation steps

Preferred Qualifications

• Certified Information Systems Security Professional (CISSP)
• SANS/GIAC Certification (Various)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)