• Cybersecurity Engineer II - Directory Services

    NASCO (Phoenix, AZ)


    Overview

     

    We are seeking a well-rounded Cybersecurity Engineer II with a strong background in managing and Directory Services within a tech company. This remote position works with our remote based team as a critical part of our security plan.

     

    The successful candidate will be responsible for ensuring the integrity, confidentiality, and availability of our directory services, while proactively mitigating risks associated with identity management.

     

    This person works under general direction and provides engineering support and capability to consult/troubleshoot security related matters for enterprise products, information systems and network architectures. The Cybersecurity Engineer II promotes compliance with security policies and procedures, recommends secure best practices during architecture, designs and implements phases of the product lifecycle. This position protects against unauthorized access, modification, or destruction of systems or data. This role demonstrates the importance of building security requirements and practices into the systems engineering process and the software development lifecycle. A wide degree of security-relevant creativity and latitude is expected.

    Responsibilities

    + Provides daily, ongoing security oversight of assigned moderately complex systems, including the security impact of proposed modifications, additions, and technology refresh evolutions

    + Works within a team to develop customized technical solutions to unique problems while adhering to security policies, procedures, standards and best practices

    + Develops creative technical and procedural solutions to effectively secure information systems without introducing significant operational overhead

    + Aids in the development of architectural designs, and reviews new product implementations

    + Assists withtroubleshooting and performs research to identify the cause of issues and identify potential solutions

    + Provides mitigation recommendations to reduce identified security risks

    + Establishes and enforces security best practices, protection objectives, process improvements and effective security controls with associates and customers

    + Assists in security incident response and documentation

    + Assesses the overall security risks to the system by understanding system security vulnerabilities and associated threats

    + Analyzes impact of software installations, configurations and infrastructure modifications to minimize system downtime when recommending security remediation’s

    + Assists in mentoring junior team members on security operations processes and procedures

    + Advises associates of the security features and procedures used in their products and systems

    + Performs regularly scheduled security reviews (e.g., technology, operations and personnel)

    + Participates in annual reviews of policies, procedures and security controls in support of security framework assessments

    Qualifications

    Required Knowledge, Skills, and Abilities:

    + Strong knowledge of Microsoft Active Directory, including how to build and harden Domain Controllers, Active Directory Certificate Services, LAPS, and other security related services

    + Technically proficient knowledge of Active Directory monitoring solutions such as Netwrix or Axonius

    + Technically proficient knowledge of network and security architecture principles, identity and access management systems, directory services such as LDAP

    + Knowledge of how to secure enterprise infrastructure spanning on-premise and cloud environments

    + Knowledge of automation technologies, including AI

    + Knowledge of secure software development lifecycle, including understanding of code analysis and ability to develop and analyze powershell scripts

    + Knowledge of cybersecurity operation processes and essential security program functions that include event monitoring and alerting, security information and event management technologies, risk management, vulnerability scanning and management, access controls and authentication measures

    + Ability to connect threat analysis to risk management principles to formulate security priorities and provide business level risk decision support

    + Ability to gather, analyze and interpret business drivers and developing practical security solutions that provide value to security and support the business

    + Ability to work with customers to understand and respond to their information security needs and/or concerns, represent our security program and how the program protects the customers’ data, and discuss the roadmap designed to continuously improve our security posture

    Experience:

    + 8 years of experience in Information Security

    + 5 years of Microsoft Active Directory security experience

    + 5 years of experience implementing and enforcing security directives, policies, publications and regulations

    + 5 years of experience with software and security architectures and has a clear understanding of security protocols and standards

    + 5 years of experience with IT system, local and wide-area network administration, telecommunications, and/or security protection technologies including multi-factor authentication and single sign-on technologies

    + 5 years of experience supporting risk assessment work, IT auditing of compliance requirements, or framework gap analysis

    Required Training, Certification and Education:

    + Bachelor’s degree in computer science, information systems, engineering, business administration or a related field; experience can be substituted

    Working Conditions:

    + Must be able use equipment at workstation for up to 8 hours daily

    + May require after hours work if a system outage and/or security incident occurs

    + Working remotely

    Benefits Overview

    At NASCO, we trust our workforce to be fully remote, **_working from their home_** . This benefit offers significant, personalized outcomes for each associate including work/life balance, savings on commuting, work clothing, and increased time to spend on personal activities.

     

    Our full benefit package is designed to support the physical, mental, and financial health of our associates. We offer:

    Physical and Mental Health Benefits

    + Choice of Blue Cross Blue Shield Medical, Dental, and Vision Plans

    + Telehealthcare – for Medical and Behavioral visits

    + Generous PTO with buy/sell options

    + 9 Company holidays, a floating day off, and a day off for volunteering

    + Employee Assistance Program

    + Wellness program - earn insurance discounts or credit towards health-related items

    Financial Health Benefits

    + 401K Plan with employer matching contributions

    + Company-funded spending/reimbursement accounts to help with out-of-pocket medical expenses

    + Bonus and Recognition programs

    + Tuition Assistance

    + Consultation with financial planner

    + Basic Life & AD&D Insurance, Short and Long-Term Disability Insurance provided, and Supplemental Term Life Insurance is available

    + Group Discount programs - mobile, technology services, etc., to help you save money

    Other Benefits

    + E-Learning – Comprehensive and current library of e-learning and performance support assets, available on demand and at no cost

     

    NASCO is an Equal Opportunity Employer/veterans/disability/race/color/religion/sex/sexual orientation/gender identity/national origin. Must have legal authority to work in the US.

     

    _We will not accept applicants that use AI when answering the screening questions._ _Applicants who use AI to answer any questions or to complete their application will not be considered for employment._

     

    **Location** _US-Home Office/ Remote_

    **\# Positions** _1_

    **Category** _Security Operations_

    **Travel Requirements** _0-20%_