MPN Diversity Recruiters
Washington, D.C.
Our client, a leading U.S. energy company, seeks an experienced cyber security professional to join our Technology Security organization. The primary role will be focused on a new sector-wide program to address national-level risk, primarily focused on but not limited to cyber risk. (S)he will coordinate across critical infrastructure sectors, including the communications sector, financial services sector, and the energy sector; the three main components of the Tri-Sector Executive Working Group. In addition, the role will work across our client's functions to enable key cyber policy objectives.
This role is part of a strategic effort to expand public-private sector stakeholders to mitigate cyber threats to our energy infrastructure. Acting as coordinator and liaison between the company and an analysis and resilience center, the individual in this position will leverage his/her subject matter expertise to ensure the pace, substance, and outcomes of each effort are meeting the objectives of the overall program. The candidate will work to assess, mitigate and respond to systemic risk facing our client and the subsector at large.
The selected individual will leverage his/her experience in cyber security and understanding of US Government agencies (authorities, missions, capabilities, strengths) to plan or execute actions in line with the overall vision that strengthens national security and better secures our client. The person will engage on a variety of cyber-related topics across various business units, including our client's Technology Security, Strategic Security Policy Director, our client’s Government Affairs office, and others. S(he) will analyze actions, gaps, outstanding risks, and other programmatic needs for each of the individual initiatives within the overall effort, with the goal of advancing complex interrelated projects across a diverse set of stakeholders.
MAJOR JOB RESPONSIBILITIES:
Execute assigned aspects the company’s analysis and resilience center and tri-sector engagement, taking a collaborative approach to risk management through prioritization, planning, and response.
Work with management to plan, execute, and oversee projects and engagements that further various initiatives
Successfully represent our client, including policies and opinions, to outside organizations, potentially including engagements with high-level officials and senior executives.
Drive the overall community (both public and private) though innovation and out-of-the-box ideas to better secure critical infrastructure – be a thought leader in this space
Coordinate, engage, and collaborate with similar functions at peer utilities
Monitor and report on the result of agreements and actions across multiple government agency stakeholders and internal company organizations for areas of responsibility
Track, review, and report progress of each effort against plans
Assess the risks to each project and advise on potential solutions to technical or policy roadblocks
Assist in the implementation of innovative processes, strategies, technologies, and operations for public-private partnership
Manage communication plans and patterns with government stakeholders regarding cyber threats, incidents, sector-specific issues, and other engagements
Travel is expected to be around 20%, but will vary on individual preferences, current goals, training goals, and operational tempo
Must have or be able to obtain a Top Secret US Government Clearance.
Required Knowledge, Skills, Abilities, Experience and Education:
BA/BS in computer science, technology, engineering, cyber policy, or other security-related field or equivalent experience
Minimum of seven (7) years of relevant professional security experience, or five (5) years with Master’s degree
Experience across the US Government and ideally the US Intelligence Community, understanding risk analysis, collection requirements, and analysis
Subject matter expertise working on cyber (or similar) security issues jointly with the federal government
Understanding of current threats facing the electric and natural gas sectors, either on a technical and/or a policy level
Knowledge of Operational Security (OpSec) principles for cyber operations, information sharing, and information protection
Strong interpersonal skills and experience working with government staff, both military and civilian
Ability to collaborate effectively with all levels of personnel, executives, stakeholders, and government contractors
Demonstrated ability to lead others through influence
Excellent attention to detail, verbal/written communication skills, and strong organization and time management skills, as well as the ability to effectively manage multiple tasks simultaneously under general supervision
Demonstrated ability to achieve timely project execution
Independent thinker with strong analytical and problem-solving skills
Experience communicating with senior stakeholders inside and outside the company
Preferred Knowledge, Skills, Abilities, Experience and Education:
Existing professional network with federal government partners
Understanding of various federal legal authorities under which key agencies operate
Knowledge of regulatory and policy environment as it applies to electricity and natural gas generation, transmission, and distribution
Familiarity with global cyber threats to the energy sector and financial services sector.
Relevant professional certifications (PMP, CISM or CISSP)
Masters or higher, ideally in a cyber security-related field
Full Time
Our client, a leading U.S. energy company, seeks an experienced cyber security professional to join our Technology Security organization. The primary role will be focused on a new sector-wide program to address national-level risk, primarily focused on but not limited to cyber risk. (S)he will coordinate across critical infrastructure sectors, including the communications sector, financial services sector, and the energy sector; the three main components of the Tri-Sector Executive Working Group. In addition, the role will work across our client's functions to enable key cyber policy objectives.
This role is part of a strategic effort to expand public-private sector stakeholders to mitigate cyber threats to our energy infrastructure. Acting as coordinator and liaison between the company and an analysis and resilience center, the individual in this position will leverage his/her subject matter expertise to ensure the pace, substance, and outcomes of each effort are meeting the objectives of the overall program. The candidate will work to assess, mitigate and respond to systemic risk facing our client and the subsector at large.
The selected individual will leverage his/her experience in cyber security and understanding of US Government agencies (authorities, missions, capabilities, strengths) to plan or execute actions in line with the overall vision that strengthens national security and better secures our client. The person will engage on a variety of cyber-related topics across various business units, including our client's Technology Security, Strategic Security Policy Director, our client’s Government Affairs office, and others. S(he) will analyze actions, gaps, outstanding risks, and other programmatic needs for each of the individual initiatives within the overall effort, with the goal of advancing complex interrelated projects across a diverse set of stakeholders.
MAJOR JOB RESPONSIBILITIES:
Execute assigned aspects the company’s analysis and resilience center and tri-sector engagement, taking a collaborative approach to risk management through prioritization, planning, and response.
Work with management to plan, execute, and oversee projects and engagements that further various initiatives
Successfully represent our client, including policies and opinions, to outside organizations, potentially including engagements with high-level officials and senior executives.
Drive the overall community (both public and private) though innovation and out-of-the-box ideas to better secure critical infrastructure – be a thought leader in this space
Coordinate, engage, and collaborate with similar functions at peer utilities
Monitor and report on the result of agreements and actions across multiple government agency stakeholders and internal company organizations for areas of responsibility
Track, review, and report progress of each effort against plans
Assess the risks to each project and advise on potential solutions to technical or policy roadblocks
Assist in the implementation of innovative processes, strategies, technologies, and operations for public-private partnership
Manage communication plans and patterns with government stakeholders regarding cyber threats, incidents, sector-specific issues, and other engagements
Travel is expected to be around 20%, but will vary on individual preferences, current goals, training goals, and operational tempo
Must have or be able to obtain a Top Secret US Government Clearance.
Required Knowledge, Skills, Abilities, Experience and Education:
BA/BS in computer science, technology, engineering, cyber policy, or other security-related field or equivalent experience
Minimum of seven (7) years of relevant professional security experience, or five (5) years with Master’s degree
Experience across the US Government and ideally the US Intelligence Community, understanding risk analysis, collection requirements, and analysis
Subject matter expertise working on cyber (or similar) security issues jointly with the federal government
Understanding of current threats facing the electric and natural gas sectors, either on a technical and/or a policy level
Knowledge of Operational Security (OpSec) principles for cyber operations, information sharing, and information protection
Strong interpersonal skills and experience working with government staff, both military and civilian
Ability to collaborate effectively with all levels of personnel, executives, stakeholders, and government contractors
Demonstrated ability to lead others through influence
Excellent attention to detail, verbal/written communication skills, and strong organization and time management skills, as well as the ability to effectively manage multiple tasks simultaneously under general supervision
Demonstrated ability to achieve timely project execution
Independent thinker with strong analytical and problem-solving skills
Experience communicating with senior stakeholders inside and outside the company
Preferred Knowledge, Skills, Abilities, Experience and Education:
Existing professional network with federal government partners
Understanding of various federal legal authorities under which key agencies operate
Knowledge of regulatory and policy environment as it applies to electricity and natural gas generation, transmission, and distribution
Familiarity with global cyber threats to the energy sector and financial services sector.
Relevant professional certifications (PMP, CISM or CISSP)
Masters or higher, ideally in a cyber security-related field
MPN Diversity Recruiters
Atlanta, GA or Birmingham, AL
Description
The Network Security Engineer position will be responsible for network security engineering for configuration, deployment and management of Network Access Control (NAC) systems in a 24 x 7 x 365environment. The analyst must be able to analyze, troubleshoot and remediate issues in a timely manner. The analyst must be goal-oriented, customer focused and able to apply technical solutions to business requirements to assist the organization in achieving business, technical and security goals.
Responsibilities and Duties Include:
Develop and enforce authorized network/device policies based on corporate security standards
Coordinate with security and networking groups to implement use cases (including custom scripts)
Monitor infrastructure to ensure solution is integrated with new network devices or changes
Coordinate troubleshooting, break-fix and new feature integration
Manage, monitor and upgrade software and hardware
Create periodic customer reports and dashboards as needed
Maximize and maintain integrations (NGFW, SIEM, CMBD, etc…)
Manage role-based administration and user accounts
Qualifications
3+ years of design/implementation with networking experience
Deep knowledge and experience with NAC configuration and implementation (ForeScout CounterACT, FortiNAC, etc.)
Experience with one or more network vendors: Cisco, Apcon, Ixia, InfoBlox or GigaMon
Experience with one or more major security vendors: Cisco, ForeScout, Palo Alto, CyberArk or Splunk
Experience with troubleshooting application connectivity and performance through log analysis and network captures
Ability to clearly document technical steps and procedures
Working knowledge of python, shell, perl and xml scripting a plus
Excellent communications skills, strong customer orientation, good organizational skills, self-driven with ability to multi-task on various projects and aptitude to learn new technologies
Education/Certification
Bachelor’s Degree in computer science, Engineering or equivalent industry experience
Industry Certifications such as CISSP, CASP, Security+, CEH, SANS (GCIA, GCIH, GREM, GPEN) is a plus
ForeScout Certified Administrator (FSCA), ForeScout Certified Engineer (FSCE) a plus
Location
Atlanta / Birmingham
Full Time
Description
The Network Security Engineer position will be responsible for network security engineering for configuration, deployment and management of Network Access Control (NAC) systems in a 24 x 7 x 365environment. The analyst must be able to analyze, troubleshoot and remediate issues in a timely manner. The analyst must be goal-oriented, customer focused and able to apply technical solutions to business requirements to assist the organization in achieving business, technical and security goals.
Responsibilities and Duties Include:
Develop and enforce authorized network/device policies based on corporate security standards
Coordinate with security and networking groups to implement use cases (including custom scripts)
Monitor infrastructure to ensure solution is integrated with new network devices or changes
Coordinate troubleshooting, break-fix and new feature integration
Manage, monitor and upgrade software and hardware
Create periodic customer reports and dashboards as needed
Maximize and maintain integrations (NGFW, SIEM, CMBD, etc…)
Manage role-based administration and user accounts
Qualifications
3+ years of design/implementation with networking experience
Deep knowledge and experience with NAC configuration and implementation (ForeScout CounterACT, FortiNAC, etc.)
Experience with one or more network vendors: Cisco, Apcon, Ixia, InfoBlox or GigaMon
Experience with one or more major security vendors: Cisco, ForeScout, Palo Alto, CyberArk or Splunk
Experience with troubleshooting application connectivity and performance through log analysis and network captures
Ability to clearly document technical steps and procedures
Working knowledge of python, shell, perl and xml scripting a plus
Excellent communications skills, strong customer orientation, good organizational skills, self-driven with ability to multi-task on various projects and aptitude to learn new technologies
Education/Certification
Bachelor’s Degree in computer science, Engineering or equivalent industry experience
Industry Certifications such as CISSP, CASP, Security+, CEH, SANS (GCIA, GCIH, GREM, GPEN) is a plus
ForeScout Certified Administrator (FSCA), ForeScout Certified Engineer (FSCE) a plus
Location
Atlanta / Birmingham
MPN Diversity Recruiters
Atlanta, GA & Birmingham, AL
Position Overview
This role will serve as a key stakeholder in designing and implementing the identity security strategy across multiple aspects of our client’s technology footprint. While the focus of this role will be cloud identity, a successful strategy must leverage significant input from resources and systems in our client's established on-premises identity structure. The candidate will be required to identify security gaps, craft plans to close those gaps, and work with business partners for buy-in and rollout execution. The cloud properties in scope include multiple public IaaS/PaaS providers as well as numerous SaaS applications.
This is an important role that will help shape and mature the identity strategy across the company. The candidate will be responsible for building and integrating secure identity methodologies into existing cloud projects, as well as establishing documented guidelines for new applications – both internally developed and off the shelf. This role is well suited to a security focused, forward leaning individual who solves problems with a risk-based approach.
Qualifications
Bachelor’s degree or equivalent experience
Minimum of three years’ experience with one or more of the following areas: network security, application security, endpoint security, system administration, identity and access management, data security, incident response or penetration testing
Operational experience with public cloud infrastructure providers (AWS, Azure or Google Cloud) is preferred
A thorough understanding of SAML authentication and experience integrating applications with common identity providers
Experience integrating with a SIEM or other security monitoring environment is preferred
Broad knowledge of core information security principles (e.g. access control, least privilege, data integrity) and security capabilities
Experience in evaluating, recommending, and implementing new and emerging security products and technologies
Excellent verbal and written communication skills
Strong understanding of Linux and Windows operating systems and controls
Experience with Active Directory required
Experience with cloud identity providers (Azure AD, Okta, Ping etc) preferred
Experience with DevOps and Agile methodologies preferred
Job Responsibilities
Design and implement cloud identity security controls for Technology Organization in both IaaS/PaaS and SaaS environments
Apply advanced knowledge and functional experience with authentication and authorization mechanisms to modernize and secure our client's identity strategy
Assess existing cloud implementations, identifying identity security issues and prioritizing fixes
Work with engineering and operations teams to implement identity threat detection signals, deploy new tooling and improve response capabilities both in cloud and on-prem environments
Help refine identity security methodologies in cloud DevSecOps processes
Provide subject matter expertise in support of overall migration to public and hybrid cloud service architecture
Create architecture solution roadmaps for linking SSO and Federated services with internal business processes and technologies
Engage and empower Technology Organization personnel and other business units to understand and apply information security concepts to mitigate corporate risk
Provide expertise in workflow, policy and external integration with Privileged Identity Management tools
Plan, coordinate and provide subject matter leadership on information security projects
Help customers understand and apply identity security concepts, processes, and technologies
Demonstrate company values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment
Job Requirements
United States citizenship is required
Consulting experience; ability to understand business requirements and present appropriate solutions
Ability to work independently or within a team
Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions
Must pass NERC CIP & Insider Threat Protection background checks
Occasional travel to local and regional locations in pursuit of the job duties and requirements.
Our LARGE COMPANY CONFIDENTIAL CLIENT is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Full Time
Position Overview
This role will serve as a key stakeholder in designing and implementing the identity security strategy across multiple aspects of our client’s technology footprint. While the focus of this role will be cloud identity, a successful strategy must leverage significant input from resources and systems in our client's established on-premises identity structure. The candidate will be required to identify security gaps, craft plans to close those gaps, and work with business partners for buy-in and rollout execution. The cloud properties in scope include multiple public IaaS/PaaS providers as well as numerous SaaS applications.
This is an important role that will help shape and mature the identity strategy across the company. The candidate will be responsible for building and integrating secure identity methodologies into existing cloud projects, as well as establishing documented guidelines for new applications – both internally developed and off the shelf. This role is well suited to a security focused, forward leaning individual who solves problems with a risk-based approach.
Qualifications
Bachelor’s degree or equivalent experience
Minimum of three years’ experience with one or more of the following areas: network security, application security, endpoint security, system administration, identity and access management, data security, incident response or penetration testing
Operational experience with public cloud infrastructure providers (AWS, Azure or Google Cloud) is preferred
A thorough understanding of SAML authentication and experience integrating applications with common identity providers
Experience integrating with a SIEM or other security monitoring environment is preferred
Broad knowledge of core information security principles (e.g. access control, least privilege, data integrity) and security capabilities
Experience in evaluating, recommending, and implementing new and emerging security products and technologies
Excellent verbal and written communication skills
Strong understanding of Linux and Windows operating systems and controls
Experience with Active Directory required
Experience with cloud identity providers (Azure AD, Okta, Ping etc) preferred
Experience with DevOps and Agile methodologies preferred
Job Responsibilities
Design and implement cloud identity security controls for Technology Organization in both IaaS/PaaS and SaaS environments
Apply advanced knowledge and functional experience with authentication and authorization mechanisms to modernize and secure our client's identity strategy
Assess existing cloud implementations, identifying identity security issues and prioritizing fixes
Work with engineering and operations teams to implement identity threat detection signals, deploy new tooling and improve response capabilities both in cloud and on-prem environments
Help refine identity security methodologies in cloud DevSecOps processes
Provide subject matter expertise in support of overall migration to public and hybrid cloud service architecture
Create architecture solution roadmaps for linking SSO and Federated services with internal business processes and technologies
Engage and empower Technology Organization personnel and other business units to understand and apply information security concepts to mitigate corporate risk
Provide expertise in workflow, policy and external integration with Privileged Identity Management tools
Plan, coordinate and provide subject matter leadership on information security projects
Help customers understand and apply identity security concepts, processes, and technologies
Demonstrate company values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment
Job Requirements
United States citizenship is required
Consulting experience; ability to understand business requirements and present appropriate solutions
Ability to work independently or within a team
Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions
Must pass NERC CIP & Insider Threat Protection background checks
Occasional travel to local and regional locations in pursuit of the job duties and requirements.
Our LARGE COMPANY CONFIDENTIAL CLIENT is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
