Cyber Security Specialist (668545) in Westminster, CO



Aerospace & Defense

5 - 7 years

Posted 7 weeks ago

Cyber Security Specialist

What you'll do:

  • Perform event and incident triage, threat hunting, and incident response (to include basic malware analysis and forensic investigations).
  • Serve as a Security Orchestration, Automation and Response (SOAR) specialist who can combine comprehensive data gathering, case management, standardization, workflow, and analytics to provide the ability to implement sophisticated defense-in-depth capabilities.
  • Use industry-leading commercial and open source software to detect, evaluate, triage, prioritize, and respond to security events.
  • Educate employees about the dangers of phishing by launching educational mock-phishing campaigns.
  • Develop, maintain, and enforce security operations policies, standards, and processes (run books); seeking continuous improvement and driving efficiency.
  • Manage cross-department collaboration and communication to ensure appropriate security processes, procedures and tools are installed, monitored, and effectively operating and alerting.
  • Be an escalation point for cyber security incidents.
  • Participate in on-call rotation.
  • Serve as a Subject Matter Expert (SME). Provide expertise and understanding of all aspects of the Security Operations landscape, working with senior leadership to mold, shape, and expand the security operations footprint.
  • Support vulnerability management and penetration tests.
  • Provide guidance and support to the development of corporate information security policies, standards, and guidelines.
  • Communicate with resource owners and end users to increase their awareness of security threats, protections, and applicable security policies and standards.
  • Maintain a regular and predictable work schedule.
  • Establish and maintain effective working relationships within the department, the Strategic Business Units, Strategic Support Units and the Company. Interact appropriately with others in order to maintain a positive and productive work environment.
  • Perform other duties as necessary.

What you'll need:

  • BS degree in Information Technology or a related technical field plus 5 or more years related experience.
  • Each higher-level degree, i.e., Master's Degree or Ph.D., may substitute for two years of experience. Related technical experience may be considered in lieu of education. Degree must be from a university, college, or school which is accredited by an agency recognized by the US Secretary of Education, US Department of Education.
  • Security professional with 3-5 years of hands-on deep technical experience in the industry.
  • Security analysis, threat hunting, forensics, flow analysis, and log management experience.
  • IDS/IPS management, PCAP carving, file extraction, and long tail analysis experience.
  • Strong understanding of attacker tactics, techniques, and procedures.
  • Excellent written and verbal communication skills.
  • Strong understanding of endpoint and network security.
  • Strong understanding of SIEM technology and network forensics.
  • Experience with or knowledge of vulnerability management and penetration testing of systems, applications, and networks.
  • Preferred Security Certifications (but not required):
      • GREM (highly preferred), OSCE, OSCP, GMON, GCED, GCIA, GCIH, GSEC, CISSP, etc.
  • General understanding of industry standards, compliance, and legal guidelines:
      • ISO 27001, NIST 800-53, SOC 2, SSAE 16, SOX, HIPAA, CIS Top 20 Critical Controls, etc.
  • Ability to work well under minimal supervision.
  • Strong team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including vendors and IT and business personnel.
  • Must be eligible to obtain a national security clearance/access.

Working Conditions:

  • Work is performed in an office environment, laboratory, cleanroom, or production floor.
  • Travel and local commute between Ball campuses and other possible non-Ball locations may be required.

Security Clearance:

The successful applicant for this position must be eligible to obtain a DoD clearance or government customer access to classified/sensitive material. A current DoD clearance is not required to be eligible for this position; however, the successful applicant will be required to obtain a DoD clearance or government customer access within a reasonable time after the offer is extended and must be able to maintain the applicable clearance. US Citizenship is Required. By applying to this position you are agreeing to complete a National Security Clearance Pre-Screen Questionnaire, if one is required, to evaluate your general ability to obtain the required security clearance or government customer access associated with this position.