Senior Network Engineer - Cybersecurity Specialist

At GrayMatter, we transform operations and empower people. Our consulting, implementation and technology curation services help industrial companies modernize their production environments and support operators working on the plant floor. Clients collaborate with GrayMatter to achieve their manufacturing efficiency goals, create intuitive data visualizations, reduce cybersecurity threats and guide successful digital transformation initiatives. 

And that’s where you come in.   

GrayMatter is dedicated to creating a team of unmatched talent in industrial technology. Our organizational culture encourages opportunities to learn and collaborate. Five core values woven into our DNA make Team GrayMatter stand above the rest: Accountability, Integrity, Respect, Innovation and Teamwork. 

We are seeking a Senior Network Engineer - Cybersecurity Specialist. The senior Network Engineer is responsible for the Court’s Cybersecurity initiatives as the court seeks to further enhance online city services, transforming the user experience for both municipal functions and everyday citizen experiences. The Senior Network Engineer serves as an advisor on Cybersecurity policies and procedures, conducting risk assessments and identification of potential security incidents and appropriate mitigation actions. The NECSS works across multiple departments and makes recommendations on measures to increase Cybersecurity awareness, training, and mitigation.

General Job Duties:  

• Develop, implement, and maintain the organization's information security policies, procedures, and standards in accordance with industry best practices and regulatory requirements.
• Conduct risk assessments and vulnerability assessments of the organization's information systems and networks to identify potential security threats and vulnerabilities.
• Develop and maintain incident response plans and procedures to ensure the organization can respond effectively to security incidents and breaches.
• Monitor and analyze security logs and alerts to identify potential security incidents and take appropriate action to mitigate them. Conduct security awareness training for employees to ensure they are aware of their responsibilities in safeguarding the organization's information assets.
• Stay up to date with the latest security threats and vulnerabilities and ensure the organization's security controls are up-to-date and effective.
• Collaborate with all departments to ensure that security is integrated into all aspects of the organization's operation
• This is an on-site role 

Knowledge, Skills and Experience Needed:  

• Bachelor’s Degree in an applicable field. An equivalent combination of experience and training will also be considered. 
• A valid State of Ohio Driver's License is required
• Four years of full-time paid management or administrative experience is required.
• Defines and develops security requirements using risk assessments, threat modeling, testing, and analysis of existing systems. Develops security integration plans to protect existing infrastructure and to incorporate future solutions.
• Designs action plans for policy creation and governance, system hardening, monitoring, incident response, disaster recovery, and emerging cybersecurity threats.
• Utilizes a variety of security information and event management (SEIM), data loss prevention (DLP), intrusion prevention systems (IPS), and other tools in design.
• Partners with stakeholders to encourage the adoption of security-compatible software designs and best practices.
• Keeps abreast of the latest intelligence from law enforcement and other sources of cyber threat information and briefs stakeholders with actionable information.

• Minimum of four years minimum years of experience in information security, including experience in risk management, vulnerability management, incident response, and security operations. Five years plus is preferred.
• Knowledge of industry-standard security frameworks such as ISO 27001, NIST, and CIS.
• Experience with security tools and technologies such as rewalls, intrusion detection/prevention systems, endpoint protection, and vulnerability scanners.
• Strong communication and people skills, with the ability to communicate complex technical concepts to nontechnical stakeholders. Professional certifications such as CISSP, CISM, or CISA are required.

• Medical, dental, and vision insurance beginning day one of employment
• Employer paid short term disability and life insurance
• 401(k) with up to 4% company match
• Paid holidays, paid time off, paid sick leave, and paid parental leave
• Additional benefits available such as long term disability, accident, critical illness, hospital indemnity, EAP, telemedicine, HSA and FSA