The SystemSecurity Engineer Level II is a required to be highly skilled and hands-on security engineer, and will be responsible for helping to maintain and expand the infrastructure of the entire Cambro network ensuring that they are protected from cyber threats and attacks, ensuring compliance and responding to incidents. In this role, the responsibility is to manage, monitor, and maintain our Network IT infrastructure from CVEs, cyber threats, manage and implement device firmware and software updates. Also, the role is required to assist in projects and initiatives to support, upgrade, and maintain our technical environment to improve network security.The role requirement is to be proficient with cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. The role requires to have a multi-disciplined background including experience with Cybersecurity Operations, firewalls, IDS/IPS, switches, VLANs, routing protocols, IPsec, VPN tunnels, multi factor authentication and e-mail security. In addition, they must have a solid understanding of virtualized servers, Windows workstations and services. This role is required to have the network monitoring skills and technologies for detecting unusual activity, investigate security breaches and lead incidence response.
ESSENTIAL JOB FUNCTIONS
Monitor network traffic for anomalies, investigate alerts and respond to security incidents.
Conduct regular vulnerability scans, risk assessments, patch management and mitigation across network devices.
Ensure adherence to cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR.
Able to proactively scan servers and network devices for vulnerable ports and protocols and rogue devices.
Manage our firewall environment with the ability to create route policies and apply cybersecurity recommendations
Install and configure Network Equipment (Switches, Firewalls, and other networking hardware)
Perform (Layer 2) switch administration and configuration on Cisco/Ruckus switches. Including configuring LAGs, interfaces, creating trunks, creating, and managing segmented VLANs.
Possess a solid understanding of Windows Server services and roles including installation and configuration
Create certificates for network devices and servers that have a web management capability
A strong understanding of Windows Active Directory and can design, implement, and configure and troubleshoot Active Directory issues
Create, Manage and Deploy Group Policy Objects (GPO’s) to deploy applications and implement security including windows firewalls
Effectively use PowerShell to automate and standardize administrative tasks
Capable of installing a Linux VM and execute basic Linux commands and managing Linux appliances
Manage our virtualized server environment managing, creating VM’s and patching the VMware environment.
Strong understanding of Virtual Switches, Port Groups (Distributed and Standard)
Manage the Active Backup for Business on Synology and other advanced Synology administration features
Maintain and monitor Backup solutions.
Manage our users email accounts using the cloud service M365 from Microsoft
Responsible for creating and maintaining server and network documentation to include tasks and procedures
Proactively monitor our network using a variety of tools to help identify potential network and server issues
Assist in patching our entire infrastructure when needed using a variety of tools
Maintains strong technical abilities, knowledge of new and changing technologies
Prepare for emergencies by creating and/or updating action plans
Jumping into time-sensitive projects wherever needed
Showing flexibility and a willingness to learn
Maintain healthy communication with IT Staff, IT Customers and Vendors
Actively participate in IT Infrastructure and Operations projects, managing, completing, communicating, and fully documenting assigned tasks and deliverables.
Maintain reliable and consistent attendance, including being punctual, and dependable in order to meet the needs of the department and the organization.
Execute each essential duty satisfactorily to perform job successfully.
Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions.
Performs effectively as a team member, able to work well with others, open to receiving and give feedback, and treats everyone with respect.
Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects.
Follow all department quality standards/criteria. Raise concerns and issues to immediate manager.
Able to understand and demonstrate Cambro company culture, display company core values (Safety, Quality, Respect, and Service).
Understands department’s key performance indicators and contributes to achieve these goals both individually and as a team.
Maintains reliable and consistent attendance, including being punctual, dependable, and flexible to potential schedule changes to meet the needs of the department and the organization.
Executes each essential duty satisfactorily to perform job successfully.
Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions.
Performs effectively as a team member, able to work well with others, open to receive and give feedback, and treats everyone with respect.
Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects.
Follows all department quality standards/criteria. Raises concerns and issues to management.
Understands department’s key performance indicators (KPIs) and contributes to achieve these goals both individually and as a team.
Other duties as needed or required.
ADDITIONAL RESPONSIBILITIES
Ability to be on call 24 hours a day, 7 days a week for global operations, by periodically providing off-hours, evening, and weekend support to accommodate maintenance windows and issue resolution
Occasional travel to various Cambro locations domestically and internationally as required (15%)
May occasionally guide less experienced associates to help with technical projects
Some travel may be required.
Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.
REQUIRED QUALIFICATIONS
The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Bachelor’s degree (B.A.) from a four-year accredited college or university.
5-10 years of experience in IT security, network, administration, and support roles.
Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form.
Ability to adapt and adjust plans to meet changing needs.
Proficient in Microsoft Office Suite
Experience with Fortinet solutions, EDR, email security solutions
Solid knowledge of cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR.
Solid working knowledge of Layer 2 (VLANs, Inter-VLANs, VTP Domains, bridge groups, MVRP, ACL’s) technologies and network segmentation.
Strong knowledge of DNS records including reverse zones and maintaining DNS records
Strong DHCP Knowledge to include DHCP Fail over and able to configure DCHP relay on Switches
Solid understanding of routing protocols, static routes and ARP cache
Proficient in creating and implementing certificates on layer 2 devices (Switches, Firewalls, Linux Appliances)
Strong troubleshooting skills and possess the ability to find security and network issues in a timely manner
Strong Windows administration skills including Active Directory/GPO’s and security policies
Solid working knowledge of Virtualization, such as VMware ESXi servers and vCenter 7.x
Solid working knowledge of Veeam/Bacula/Exagrid backup software to manage backup and restore procedures
Must be able to follow instructions and procedures and ask questions if something is unclear
Excellent documentation skills including ability to create network drawings
Self-motivated and energetic with the ability to manage time efficiently without supervision and to work effectively under pressure
Strong customer service and communication skills
Excellent organizational skills and strong sense of urgency
Familiarity with various network types including LANs, WANs, SDWAN, WLANs, SANs, and VoIP networks
Great accuracy and attention to detail
PREFERRED QUALIFICATIONS
Experience in Business Continuity and disaster recovery is a plus
Knowledge of Ruckus Access Points and Switches
Knowledge of IBMi
PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
IT Application
COMPENSATION RANGE:
$97,000 - $130,000
Salary may vary based on experience.
CAMBRO is proud to be an equal-opportunity workplace. All qualified applicants will receive consideration for employment without regard to and will not be discriminated against based upon race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic information, military or veteran status, or other characteristics protected by law. Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.
