• Provide support for assigned Information Security platforms as well as escalation operational support for the IT Infrastructure team.
• Assist in the design, implementation and maintenance of security-focused tools and services.
• Collaborate effectively with all departments to help develop and implement appropriate security controls.
• Proactively monitors SIEM Systems and conducts integrated analysis of multiple log sources.
• Proactively monitors security alerts via CVE and NIST and can articulate the risk based on the CVSS rating as well as recommend actions to the IT Director and IT Infrastructure team.
• Maintains continuous awareness of current security related events and the impact of security to business operations.
• Conduct scheduled audits of security controls, prepare reports and present to leadership.
• Build and support a DevSecOps culture.
• Deliver security training and consulting as required.

Required Qualifications:

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Management Information Systems, Business or other degrees in related fields
• 3 years of experience in a security role within a corporate environment
• Proficient in Windows and Linux-based operating systems
• Proficient in Microsoft 365 applications
• Ability to assess and remediate email-based security threats
• Experience automating security-related operational tasks
• Experience writing code/scripts with at least two of the following languages: PowerShell, Java/J2EE, JavaScript/AJAX, C#/C++/C, Perl, Python, SQL
• Experience with encryption and certificate/key management
• Experience with network security controls such as VPN gateways, next generation firewalls, web filters, IPS, IDS, ACLs, DLP, etc.
• Experience with Privileged Access Management solutions
• Experience conducting security audits, preparing reports and presenting to leadership
• Experience working in a DevSecOps environment
• Knowledge of domestic and international privacy laws (NY Shield Act, CCPA, GDPR, etc.)
• Knowledge of networking protocols and hardware configurations (switches, routers, firewalls, wireless controllers, etc.)
• Knowledge of On-Premises and Cloud IT Infrastructure
• Commitment to quality and attention to detail
• Strong troubleshooting and problem-solving skills
• Strong teamwork and collaboration skills
• Strong communication skills and ability to interact with all levels of the organization
• Highly self-motivated and self-directed

Preferred Qualifications:

• Certified Information Systems Security Professional (CISSP)
• One or more of the Certified Information Privacy Professional (CIPP) concentrations (A/C/E/US)
• Experience supporting and maintaining SOC 2 compliance
• Experience supporting and maintaining NIST 800-53 standards
• Experience in a GRC role

Work Environment

ADA Physical/Mental/Workplace Requirements

• Occasional lifting up to 25 lbs.
• Ability to move easily about a manufacturing factory

Gorbel® is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, gender, gender identity, marital status, veteran status, sexual orientation, genetic information, arrest record, or any other characteristic protected by applicable federal, state or local laws. Gorbel® is also committed to providing reasonable accommodations to qualified individuals so that an individual can perform their job related duties. If you are interested in applying for an employment opportunity and require special assistance or an accommodation to apply due to a disability, please contact us at 585-924-6204.