"Alerted.org

Job Summary

As a member of the Exposure Management Team, the Cyber Security Specialist for External Attack Surface Management owns complex analysis across internet-facing assets—cloud, hybrid, SaaS, domains, applications, APIs, certificates, and shadow IT—to identify, validate, and prioritize vulnerabilities, misconfigurations, leaked data, and other exposures that create a material business risk. The Specialist will operate within the existing exposure management team as a subject matter expert in vulnerability management, ensuring sound practices while designing, growing, and maintaining the external attack surface management program, contributing to vulnerability identification and remediation methodologies, supporting penetration testing practices, report generation, and more. The Specialist will be responsible for seeking out and reporting on vulnerability discoveries and classifications of new vulnerabilities as well as partnering with Threat Intelligence to incorporate current threat activity into risk prioritization. The Specialist will work directly with other security and information technology team members to develop plans for reporting and remediation of vulnerabilities across all operating systems, applications, and other internet-facing assets in the enterprise.

Essential Functions

+ Designs, configures, and implements advanced Cyber Security technologies, ensuring compliance with NIST and other industry frameworks.

+ Leads the identification, assessment, and resolution of complex security risks across infrastructure, applications, and data environments.

+ Provides strategic input on the development and execution of security controls, policies, and standards.

+ Partners with IT, business leaders, and audit stakeholders to align security strategies with enterprise initiatives.

+ Develops and maintains comprehensive documentation for security systems, processes, and incident response procedures.

+ Leads root cause analysis and resolution of high-impact security incidents and provides 24/7 expert-level support as needed.

+ Mentors technical staff, influencing organizational security decisions and driving continuous improvement initiatives.

+ Monitors security platforms and develops proactive threat detection and response strategies to reduce risk exposure.

+ Performs other duties as assigned.

+ Complies with all policies and standards.

Qualifications

+ H.S. Diploma or GED required

+ Associate Degree or Bachelor’s Degree in Cyber Security, Computer Science, Information Systems, or related field preferred

+ 7-9 years of Cyber Security or related IT experience required

+ 8-10 years of enterprise-level security experience preferred

Knowledge, Skills and Abilities

+ Deep technical expertise in enterprise security domains including endpoint, network, and cloud security.

+ Proven ability to troubleshoot, analyze, and resolve highly complex security issues.

+ Strong understanding of security frameworks (e.g., NIST 800-53) and regulatory compliance requirements.

+ Effective communicator with the ability to convey complex technical concepts to both technical and non-technical audiences.

+ Demonstrated leadership in mentoring, team collaboration, and cross-functional stakeholder engagement.

+ Ability to manage multiple initiatives in a fast-paced, high-risk environment.

Licenses and Certifications

+ Industry certifications such as CISSP, CISM, GIAC, OSCP, Security+, SSCP, GSEC, or ITIL preferred

Equal Employment Opportunity

This organization does not discriminate in any way to deprive any person of employment opportunities or otherwise adversely affect the status of any employee because of race, color, religion, sex, sexual orientation, genetic information, gender identity, national origin, age, disability, citizenship, veteran status, or military or uniformed services, in accordance with all applicable governmental laws and regulations. In addition, the facility complies with all applicable federal, state and local laws governing nondiscrimination in employment. This applies to all terms and conditions of employment including, but not limited to: hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. If you are an applicant with a mental or physical disability who needs a reasonable accommodation for any part of the application or hiring process, contact the director of Human Resources at the facility to which you are seeking employment; Simply go to http://www.chs.net/serving-communities/locations/ to obtain the main telephone number of the facility and ask for Human Resources.