IT SPECIALIST - SR. IT SPECIALIST - Cybersecurity Job at Southwest Research Inst

IT SPECIALIST - SR. IT SPECIALIST - Cybersecurity

32-00665

Who We Are:

SwRI Cybersecurity Operations’ mission is to secure the enterprise by evaluating, implementing, and operating a full suite of cybersecurity tools and services. We are responsible for configuring, administering, and supporting network and endpoint security systems. Operations include firewalls, intrusion prevention, operational incident detection and response, and security orchestration and automation. From policy through assessment and implementation to operations and response, candidates will have the opportunity to engage in the full security lifecycle.

Objectives of this Role:

• Provide cybersecurity analysis and support in an Enterprise environment.
• Maintain cybersecurity infrastructure and provide daily analysis and support for cybersecurity operations.
• Recommend, evaluate, and deploy new cybersecurity technology and capabilities.
• Support vulnerability and threat assessment operations.

Daily and Monthly Responsibilities:

• Monitoring and maintaining endpoint protection and response (EDR) and Security Orchestration, Automation, and Response (SOAR) systems.
• Monitoring and maintaining the Enterprise Vulnerability Management and Penetration Testing programs.
• Participate in daily review of alerts and incident response analysis activities.
• Remote access configuration and user support.
• Perform malware analysis as needed.
• Monitoring and management of cyber threat intelligence feeds to include integration into various security platforms to identify indicators of compromise to enrich alerting.

Requirements:

• Requires a Bachelor's in Cybersecurity, IT Operations, or a related field, with related experience. In lieu of a degree, 5 years of Cybersecurity or IT administration experience and related certifications will be considered.
• 3 years of relevant Cybersecurity or IT administration experience.
• 3-7 years of experience working with network security platforms such as Endpoint Protection and Threat Intelligence.
• 3-7 years of experience with the administration of modern operating systems (e.g., Windows Server, Windows Desktop, and Linux). Experience with network fundamentals (TCP/IP, VLANs, and network subnetting) as well as scripting, development, and utilizing application programming interfaces (API).
• A valid/clear driver's license is required.

Special Requirements:

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Applicant must be a U.S. citizen.

Job Locations:

San Antonio, Texas

An Equal Employment Opportunity Employer: race, color, religion, sex (including pregnancy, childbirth, and related medical conditions, transgender status, and sexual orientation), national origin, age, disability, veteran, or genetic information.