Job Summary:
Cherokee Nation Businesses is a dynamic company that drives growth and innovation for the Cherokee Nation. They are seeking a Senior IT Security Engineer to design, implement, and maintain cybersecurity controls while serving as a technical advisor to protect organizational systems against cyber threats.
Responsibilities:
• Designs, implements, documents, and maintains security systems and solutions.
• Implements and maintains cloud security controls including CSPM, IAM, encryption, logging, workload protection, and network segmentation.
• Supports secure administration of Microsoft Active Directory, Entra ID/Azure AD, Group Policy, DNS, DHCP, and related identity services.
• Performs security assessments based on current environment; and develops recommendations/action plans.
• Maintains cyber security risk register and cyber security plan.
• Performs advanced troubleshooting for networking, application, security system, and related system problems.
• Gathers detailed problem information, assesses the problem, determines the resources needed, and leads the problem resolution.
• Advises in the design, deployment, and administration of the following areas: cloud, infrastructure, networking, and applications including security related to these areas.
• Supports security monitoring, detection engineering, SIEM tuning, and threat hunting initiatives.
• Assists with confidential security investigations and insider threat activities.
• Plans, designs, implements, documents, and maintains disaster recovery and risk mitigation strategies.
• Provides leadership cyber security recommendations, costs, and implementation design/plans.
• Works with the leadership on confidential security investigations.
• Participates in and supports Cyber Incident Response Team (CIRT) activities including investigation, containment, eradication, recovery, and lessons learned.
• Provides administration, documentation, and implementation expertise for data security categorization, audit reporting, and protections.
• Assists in maintaining and advancing the security awareness program.
• Supports internal and external customers using appropriate email, telephone, and face-to-face interactions.
• Mentors less experienced staff in areas of cybersecurity technologies and practices.
• Leads or supports cybersecurity-related projects and cross-functional initiatives.
• Communicates cybersecurity risks, recommendations, and technical concepts effectively to technical and non-technical stakeholders.
• Facilitates team and project activities.
• Manages multiple projects without having direct supervisory responsibilities.
• Work is primarily performed in a climate-controlled office setting.
• Work requires lifting objects up to 10lbs.
• Work will require varied shifts including, weekends and holidays, as needed.
• Performs other job-related duties as assigned.
Qualifications:
Required:
• Bachelor’s degree and eight plus (8+) years of cyber security engineering experience in the areas of networking, application, data, and end users computing. or an equivalent combination of education and experience.
• Experience with patch management, vulnerability management, 3rd party vendor assessments, cyber incident response, and common industry practices.
• Experience with security engineering, security assessments, design reviews and threat modeling.
• Experience with Zero Trust architecture, cloud-native security tooling, and automation/security orchestration.
• Experience with scripting or automation using PowerShell, Python, or similar languages.
• Experience with SIEM platforms such as Microsoft Sentinel.
• Advanced knowledge of cloud security and associate tools.
• Advanced knowledge of computer security including knowledge of vulnerability and penetration testing, compliance testing, and disaster recovery planning.
• Advanced knowledge of Microsoft Active Directory including users, groups, servers, group policy, DNS, DHCP, and replication.
• Advanced knowledge of securing networks in areas such as Ethernet, firewalls, and Wi-Fi.
• Advanced knowledge and implementation of cyber forensics.
• Advanced knowledge of implementation, deployment, and administration of certificates and Public Key Infrastructure.
• Advanced knowledge of firewall and intrusion prevention system installation and rule administration.
• Advanced knowledge of security tools such as Qualys, Armis, MS Defender, MS Purview, and MS Cloud Security Tools.
• Excellent analytical and problem-solving skills.
• Excellent communication skills.
• Excellent organizational and prioritization skills.
• Ability to work well under pressure and handle multiple projects at once.
Preferred:
• CISSP, Security+, and Azure Security Engineer Associate certifications preferred.
Company:
Cherokee Nation Businesses provides hospitality, federal, cultural, and economic development solutions. Founded in 2004, the company is headquartered in Catoosa, USA, with a team of 10001+ employees. The company is currently Late Stage.