Skip to main content

Cybersecurity Engineer III

Job Details

Remote - Your Town, KS
Fully Remote
Full Time
Bachelor Degree
Engineering

Description

Habemco is a shared services company wholly owned and operated by the Habematolel Pomo of Upper Lake, a federally recognized Native American tribe located in Northern California. Habemco’s support services such as product development and technology which are needed for business growth, ultimately power the Tribe’s economy, and enable the delivery of education, health care and elder support programs for the Tribal community. Our talented team provides cross-functional support services to various tribal business and government entities. The Habemco team plays a critical role in ensuring a successful future for our customers, our employees, and the Tribe.

Headquartered in a beautiful, yet remote part of California, the Tribe recognizes that to compete in highly competitive industries such as FinTech, the Tribe must access expertise throughout the nation. In addition to employees that work remotely, the Tribe has employees located at its headquarters in Upper Lake, California and at a campus in Lenexa, Kansas.

Employees receive competitive pay and benefits, quarterly performance bonuses and 401(k) with a 4% match. Our team is creative, forward-thinking, passionate and moves fast! Are you ready to grow with us?

Purpose of the Position

Implement security systems to enhance the organization's ability to identify, detect, respond to, and recover from cyber threats and vulnerabilities. This role involves establishing security controls based on risk assessments, threat modeling, and analysis of current systems. The Cybersecurity Engineer ensures that systems and architectures comply with organizational security standards and guidelines while staying informed of emerging cyber threats. They will collaborate with teams to incorporate security controls into operational systems, supporting efforts to detect and mitigate malicious behavior. Work is generally independent and collaborative in nature. Incumbent contributes to moderately complex aspects of a project.

Key Responsibilities

  • Responsible for ensuring the security of the organization's systems and information assets.
  • Develops and implements security systems, guidelines, and strategies.
  • Protects against unauthorized access, use, disclosure, disruption, modification, and/or destruction.
  • Conducts audits and risk assessments.
  • Evaluates internal operations and controls and makes recommendations based on the findings.
  • Migrates non-compliant environments to compliant environments.
  • Ensures compliance with data protection guidelines and applicable laws.
  • Develops security measures to safeguard existing infrastructure based on risk assessment threat modeling and supports the integration of new security solutions.
  • Creates action plans for system hardening, monitoring, incident response, and disaster recovery.
  • Manages vulnerability discovery platforms in cloud architecture environments, CI/CD pipelines, Static Application Security Testing (SAST), Windows & Linux operating systems, software applications.
  • Monitors, analyzes, and configures security systems to detect, respond to, and recover from cyber threats and vulnerabilities.
  • Implements and tunes security tools such as SIEM, DLP, and IPS to monitor logs, alerts, and detect suspicious activity.
  • Stays informed about emerging cyber threats and update monitoring processes accordingly.
  • Collaborates with teams to incorporate security controls into operational systems to maintain a secure environment.
  • Supports efforts to detect, mitigate, and respond to malicious activities within the organization's network and systems.
  • Educates and trains staff on information system security best practices.
  • Regular, reliable attendance during normal business hours.
  • In-person attendance and travel as requested.
  • Other duties as assigned. 

Education and Experience

Required:

  • Bachelor of Science degree from an accredited university with a major in Cybersecurity, Computer Science, or another technical field or in lieu of education, four (4) or more years of experience working as a Cybersecurity Analyst or related position. Plus: 
  • Four (4) or more years of direct work experience demonstrating one or more of the following competencies:
    • Access control, cloud security, computer information security.  
  • Four (4) or more years of experience working as a Cybersecurity Engineer or related position.  
  • Three (3) or more cybersecurity certifications
  • In addition to the above Education and Experience, the following experience or skills are required:
    • Proven experience managing, operating, monitoring, and maintaining security systems.
    • Detecting, investigating, and responding to security threats.
    • Managing platforms that discover vulnerabilities and recommend mitigating strategies.
  • Applicants for this position must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Habemco (e.g., H1-B visa, F-1 visa (STEM/OPT), TN visa.)
  • All offers are contingent upon signing a confidentiality agreement and satisfactory completion of drug screening and background checks. Employer observes federal standards for controlled substances.

Preferred:

  • Certified Cloud Security Professional (CCSP)
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Privacy Professional (CIPP)
  • AWS Certified Security - Specialty
  • CompTIA PenTest+
  • CompTIA CASP+
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst Certification (GCIA)
  • GIAC Security Expert (GSE)
  • GIAC Certified Detection Analyst (GCDA)
  • Cisco Certified CyberOps Professional
  • Microsoft Certified: Information Protection and Compliance Administrator Associate
  • Microsoft Certified: Identity and Access Administrator Associate
  • Master of Science degree from an accredited university with a major in Cybersecurity, Computer Science, or another technical field.

Skills & Abilities

  • Use critical thinking skills to solve complex problems.
  • Extensive knowledge of operating systems and database security.
  • Proficiency in networking technologies, network security, and network monitoring solutions.
  • Knowledge of security protocols and principles, including endpoint detection response applications, content filtering, firewalls, authentication systems, intrusion detection, and notification systems.
  • Skilled in preparing and delivering documentation such as, but not limited to, business and functional requirements, data flow, and logical and physical diagrams.
  • Demonstrate effective time management skills and ability to float between multiple projects.
  • Effectively prioritizes and executes tasks in a highly productive yet autonomous environment.  
  • Ability to present technical ideas in concise, user-friendly, or layman's language. 
  • Strong interpersonal skills used in developing effective working relationships and listening skills. 
  • Ability to function as a contributing team member and interact positively and openly with peers and other departments in a fast-paced, multi-tasking environment.
  • Ability to work in a fast-paced, time-sensitive, and confidential environment.  
  • Excellent communication skills, utilizing the ability to communicate effectively both orally and in writing with professionalism, excellent grammar, respect, and courteousness. 
  • Possess a balance of assertiveness and diplomacy along with adaptability to communicate on all levels.

Physical Requirements

  • Prolonged periods in a stationary seated position, such as working on a computer. 
  • Verbal communication sufficient to exchange accurate ideas and information.
Apply