Cyber Security Engineer III

Benefits:* Fuel Your Growth with Love's - company funded tuition assistance program * Paid Time Off  * 401(k) – 100% Match up to 5% * Medical/Dental/Vision Insurance after 30 days * Hiring Immediately * Hybrid work-schedule

ABOUT THE POSITION: The Cyber Security Analyst III provides leadership and expertise to IT staff and other departments related to information security issues.  The Analyst monitors and responds to security incidents, performs vulnerability assessments, creates process documentation, and otherwise contributes to the development and maintenance of a sound information security program.  The Cyber Security Analyst III reports to the Supervisor/Manager of Information Security.

LOCATION:

• This position is located at Love's corporate office in Oklahoma City.
• Hybrid work-schedule: 
  • 3 workdays will be onsite at the corporate office in Oklahoma City, and 2 workdays can be remote.
  • You  MUST reside in the Oklahoma City metro area or be in the process of relocating to the OKC metro area in order to be considered for this position because this is not a remote position.

MAJOR RESPONSIBILITIES:

• Participates in/develops partnerships for IT and Operations projects as needed to support information security architecture and integration of all security elements
• Designs, implements, and maintains Love’s network security monitoring infrastructure and tools
• Coordinates and documents incident handling and response efforts
• Performs digital forensic investigations as directed by Legal, Risk Management, or Human Resources
• Performs e-discovery tasks in support of litigation matters from Legal or Risk Management
• Administers, updates and engineers solutions for security operations and e-discovery tools and platforms
• Coordinates with other internal teams for collection of logs/data required for security review and monitoring
• Participates and coordinates all threat intelligence efforts
• Researches the threat landscape and conducts vulnerability analysis on emerging risks to the organization, and recommends remediation activities to management
• Performs complex administrative and engineering oversight duties for security devices, appliances and systems
• Provides mentor leadership to other Information Security staff
• Works with third-party support and security equipment vendors
• Participates in the risk assessment process
• Coordinates and performs regularly scheduled security scanning across the IT infrastructure
• Conducts research on security products in support of procurement and development efforts. Evaluates and recommends products for purchase
• Receives and responds to after-hours calls, pages, and/or e-mails regarding security problems
• Participates and reviews the creation and upkeep of information security operations processes and documentation
• Participates and plans security operations projects as directed by the Manager of Information Security
• Assists in the PCI assessment process as needed
• Other duties assigned as needed

EDUCATION AND EXPERIENCE:

• Bachelor’s Degree preferred, emphasis in Cyber Security or Information Security is preferred
• CISSP, CASP, or CISA is preferred
• GIAC Certified Forensic Analysis, GIAC Certified Incident Handler, or EnCase Certified Examiner strongly preferred
• General IT experience is required (SOC Analyst, Security Engineer, Security Analyst, System Administrator, Network Administrator, etc.)
• Hands-on experience installing and troubleshooting security hardware and systems
• Minimum 5-6 years in Information Security is required
• Minimum 2 years’ experience in forensic collection strongly preferred
• Minimum 2 years’ experience in performing eDiscovery activities strongly preferred
• Minimum 3-4 years’ experience in security incident analysis and response is required
• Advanced knowledge of information security principles and practices to include, but not limited to, the following areas: Vulnerability Scanning, Security Information and Event Management (SIEM), NG Firewall, NGAV, Encryption, Host Based Security, Data Loss Prevention, Malware Prevention

SKILLS:

• Comprehensive technical knowledge of infrastructure and application development
• Good understanding of the Company’s goals and objectives
• Knowledge of applicable data privacy practices and laws
• Ability to perform general mathematical calculations for the purpose of creating need assessments and budgets

You  MUST reside in the Oklahoma City metro area or be in the process of relocating to the OKC metro area in order to be considered for this position because this is not a remote position.

#LI-hybrid