IT SPECIALIST - SR. IT SPECIALIST - Cybersecurity Job at Southwest Research Inst

IT SPECIALIST - SR. IT SPECIALIST - Cybersecurity

32-00663

Who We Are:

SwRI Cybersecurity Operations’ mission is to secure the enterprise by evaluating, implementing, and operating a full suite of cybersecurity tools and services. We are responsible for configuring, administering, and supporting network and endpoint security systems. Operations include firewalls, intrusion prevention, operational incident detection and response, and security orchestration and automation. From policy, through assessment and implementation, to operations and response, candidates will have the opportunity to engage in the full security lifecycle.

Objectives of this Role:

• Provide cybersecurity operations support in an enterprise environment.
• Maintain cybersecurity infrastructure and provide daily analysis and support for cybersecurity operations.
• Recommend, evaluate, and deploy new cybersecurity technology and capabilities.

Daily and Monthly Responsibilities:

• Monitoring and maintaining Next Generation firewall systems and policies.
• Support and management of L3/L7 Load-balancing and Web Application Firewall (WAF).
• Support and management of Privileged Access Management (PAM) solution.
• Support and management of the Enterprise Security Information Event Management (SIEM) solution to include advanced reporting, data analysis, and correlation.
• Remote Access configuration and user support.
• Participate in daily incident response analysis activities as required.
• Support Identity Provider Services (IDP) and multi-factor authentication (MFA).
• Support and configure security for Microsoft O365 Entra ID cloud services.

Requirements:

• Requires a Bachelor's degree in Cybersecurity, IT Operations, or related field with relevant experience. In lieu of a degree, 5 years of Cybersecurity and/or IT administration experience and related certifications are acceptable.
• 3 years of relevant Cybersecurity and/or IT administration experience with a bachelor's degree.
• 3-7 years of experience working with incident response and/or network security platforms such as Endpoint Protection, Threat Intelligence, Security Orchestration, Automation, and Response.
• 3-7 years of experience with administration of modern operating systems (e.g., Windows Server, Windows Desktop, and Linux). Experience with network fundamentals (TCP/IP, VLANs, and network subnetting) as well as scripting, development, and utilizing application programming interfaces (API).
• A valid/clear driver's license is required.

Special Requirements:

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Applicant must be a U.S. citizen.

Job Locations:

San Antonio, Texas

An Equal Employment Opportunity Employer: race, color, religion, sex (including pregnancy, childbirth, and related medical conditions, transgender status, and sexual orientation), national origin, age, disability, veteran, or genetic information.