Job Description
Position Summary
This position is responsible for various aspects of Information Security across the organization, which includes data availability, data integrity, authentication, and confidentiality. This position will exercise discretion and independent judgment with respect to the maintenance and management of security policy and procedures as well as utilize security tools in his/her daily tasks. This position will train or participate in work team assignments.
This is a salaried, exempt position. The Cybersecurity Engineer reports to the Technology Systems Director.
Essential Job Functions
1. Assist the departmental Manager in designing, developing, maintaining, and managing security assessments and authorization packages that include system security plans, contingency plans, security impact analysis, remediation plans, and other relevant security documentation
2. Assist the departmental Manager in creating, revising, documenting, and managing all security-related policies and procedures
3. Develop, manage, monitor, and communicate enterprise security risk by maintaining visibility across the organization
4. Manage security-related project plans and milestones
5. Communicate with the Omaha Airport Authority (OAA) technology team and other OAA departments about cybersecurity-related topics
6. Conduct security evaluations, audits, and reviews
7. Participate in and review technology-based designs regarding implementation of appropriate security policies and practices
8. Administer vulnerability/risk assessment analysis to support assessment and authorization
9. Work with the technology team to prioritize and recommend appropriate actions to remediate known vulnerabilities and the implementation of appropriate security settings
10. Analyze and identify trends in security log data from many heterogeneous security devices
11. Work with the technology team to identify, recommend, implement, and manage security tools to analyze and mitigate known vulnerabilities for applications, databases, operating systems, network components, and other information assets
12. Identify and implement cybersecurity awareness programs
13. Responsible for conducting monthly reports for each business department
14. Work directly with the Cybersecurity Analyst
15. Perform other duties as assigned
Knowledge, Skills and Abilities Required
1. Bachelor’s degree in Cybersecurity, Information Technology, or related field and a minimum of seven years’ progressive information security experience preferred
2. Experience working in a Security Operation Center preferred
3. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), GIAC Security Essentials Certification (GSEC), GIAC Certified Incident Handler (GCIH), Security+, or other related certifications preferred
4. Understanding of the Risk Management Framework (RMF) process
5. Strong attention to detail
6. Ability to work and adapt in a multi-disciplined environment
7. Physical requirements include good hand-eye coordination and fine motor skills. Frequent use of office tools such as staplers, copiers, fax machines, scanners, computer keyboards, and telephones. Prolonged screen time requiring good vision acuity to focus on text and details for extended periods. Must be able to stand, kneel, and walk for extended periods while performing technology tasks
8. Non-movement area certification required by the end of the qualification/probationary period and maintain certification throughout employment
9. Excellent oral and written communication skills
10. Analytical skills to identify and fault isolate problems/issues, accurately assess relevance of information, generate, and evaluate alternatives, and provide technical recommendations
11. Strong knowledge and understanding of current security threats, techniques, and landscape
12. Knowledge of cloud-based architecture desired