Cybersecurity Engineer at Great Lakes Cheese in Hiram, Ohio

Job Description:

Job Overview

The Cybersecurity Engineer will be responsible for implementing and maintaining cybersecurity controls in support of Great Lakes Cheese's (GLC) IT security program. This position will serve as a technical resource, advancing our threat monitoring, incident response, vulnerability management, and OT security initiatives. You will partner with stakeholders in IT to ensure successful implementation of cybersecurity controls, integration of tools, and provide ongoing operational maintenance of standard IT security tools.

Job Responsibilities

• Design, implement, and maintain security controls and procedures which prevent, detect, and respond to internal and external cyber threats.
• Contribute to the design and definition of GLC's Security Standards adhering to NIST CSF standards and CIS controls.
• Implement and effectively manage security policies, procedure, and tools including daily cybersecurity operations.
• Identify, investigate, escalate, or resolve security events detected by the security products or services through the review of logs real-time alerts, and other alert mechanisms
• Conduct threat hunting to proactively identify and respond to potential security threats.
• Investigate and respond to security incidents and breaches.
• Initiate threat response actions following critical cyber events, either through orchestration or manual efforts.
• Develop and maintain security KPIs, metrics, and publish security reports on a periodic basis.
• Define and establish comprehensive vulnerability management program.
• Collaborate with cross-functional teams to ensure security patches and updates are applied on a regular basis, reducing attack surface.
• Lead and deliver security remediation activities relating to the internal/external audits or assessments.
• Design, deliver, and manage comprehensive Identity and access management (IAM) program.
• Design methods and develop internal tools to reduce attack surface to software platforms, endpoints, network firewalls, OT environment, and Internet-facing services.
• Participate in the planning, design and testing of the business continuity and disaster recovery plan.
• Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and best practices and improve security operations processes.
• Coordinate between internal teams and 3rd party providers for event management, threat analysis, and incident response activities.
• Analyze security event data and control gap assessments to form proposals for ongoing operational improvements.
• Other responsibilities as assigned by the Manager.
• Ability to respond to critical issues or security event/incidents during off-hours and weekends as needed.
• Ability to travel up to 10% within the United States.

Required Education and Experience

• Bachelor's Degree in Computer Science, Information Systems or related field from an accredited institution.
• Minimum 2 Years of cybersecurity experience
• Deep knowledge of cybersecurity principles, network protocols, network security concepts,
• Hands on experience configuring:
• Firewalls, VPNs, proxies.
• Vulnerability management tools.
• Attack Surface Management tools
• Endpoint Detection & Response (EDR) tools
• IAM and Privileged access management (PAM) solutions
• Email security solutions.
• Security and information event management (SIEM) solutions.
• Experience with generating and maintaining cybersecurity documentation, incident reports, and acceptable use policies.
• Knowledge of OT/IoT/critical infrastructure protection concepts and standards.
• Understanding of the current threat landscape (threat actors, APT and cybercrime)
• Intermediate knowledge of Linux and Windows server administration
• Strong critical thinking skills
• Strong communication and customer service skills
• Strong analytical skills and have good written and verbal communication skills.
• Ability to handle multiple tasks, troubleshoot and problem solve beyond routine issues.
• Strong teamwork approach to problem solving with the ability to make sound, independent decisions based on functional expertise and experience.

Preferred Education and Experience

• Master's degree in relevant discipline
• Industry recognized certifications CISM, CISSP, etc.
• Ethical Hacker or proven open source cybersecurity tool development.
• Practical knowledge of security standards and frameworks (ISO, NIST, CIS, etc.)
• Practical knowledge of risk management, and IT compliance and governance
• Experience managing cybersecurity projects
• Experience in manufacturing environments, networking, and protocols
• Knowledge of conducting security assessments including penetration testing.
• Knowledge of business applications access control and security management (SAP).

Working Conditions

• Occasional exposure to industrial operations including: temperature extremes from approximately 35°F to 100°F; noise levels in excess of 85 dB; moisture and moving machinery.

• Work is performed in an office setting.

EEOC & Disclaimer

Great Lakes Cheese is an Equal Opportunity Affirmative Action Employer.