|Date Posted||June 2, 2021|
The Cybersecurity Engineer is responsible for cyber security assessment, continuous monitoring, vulnerability and penetration testing activities to support the CoreCivic NIST 800-53 program. Detects security threats, conducts detailed and comprehensive investigations and drives issues to remediation and closure.
- Detects and responds to advanced threats, actor techniques, anomalous or suspicious activity to identify potential and active risks to systems and data. Investigates incidents, provides resolution, or makes recommendations for corrective action or enhancement to security systems and controls as needed.
- Stays current on emerging vulnerability and threat trends and correlates these threats against CoreCivic systems and data under NIST 800-53 guidelines.
- Performs assignments involving cyber security governance, policy, and process review/redesigns across the IT enterprise.
- Assists in the implementation of security policies/requirements to support the NIST Cybersecurity Framework (CSF) and make recommendations in terms of accepting, mitigating and escalating risk.
- Stays current on all aspects of cybersecurity and applies technical application security testing expertise to assist in identifying weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate protected, sensitive and confidential company information and data.
- Recommends new capabilities and efforts to improve the effectiveness of a continuous monitoring program and assists with developing and maintaining plans of action and milestones (POA&M).
- Collaborates on security issues related to systems and workflows ensuring internal security controls for business operations are in place and adhere to applicable InfoSec regulations. Serves as an internal consultant to various levels of management and facility leadership regarding emerging technologies.
- Follows and adheres to defined processes, policies and change-management procedures.
- Domestic U.S. travel may be required.
CoreCivic is a diversified government solutions company with the scale and experience needed to solve tough government challenges in cost-effective ways. We provide a broad range of solutions to government partners that serve the public good through high-quality corrections and detention management, innovative and cost-saving government real estate solutions, and a growing network of residential reentry centers to help address America’s recidivism crisis. We are a publicly traded real estate investment trust (REIT) and the nation’s largest owner of partnership correctional, detention and residential reentry facilities. We have been a flexible and dependable partner for government for more than 30 years.
Professionalism. Respect. Integrity. Duty. Excellence (PRIDE). These words describe the essence of our values as a company. PRIDE is personified everyday by every employee at every level at CoreCivic. It shapes the choices we make and is the roadmap to how we achieve our mission and realize our vision. CoreCivic is the leader in private correctional facilities and we are growing into the leader in the rehabilitation and re-entry market with facilities nationwide. Our facilities make a difference with the giving of both time and resources to organizations that are doing important work locally. CoreCivic is always recognized as a valued partner because of our unwavering commitment to community. Learn more at http://www.corecivic.com/.
- Graduate from an accredited college or university with a Bachelor's degree in Information Technology or related field.
- Three years of work experience in information technology security operations, working with various system logs and security tools to detect and resolve security threats.
- Additional years of related work experience may be substituted for the education requirement on a year-for-year basis.
- Working knowledge of network topologies, security tools such as SIEM, HIDS/HIPS, NIDS/NIPS, security analysis tools.
- Experience with Cloud Computing and technology.
- Must have strong verbal and written communication skills; ability to communicate effectively with internal and external business partners as well as technical, and non-technical staff.
- Must have the ability to work in a team environment and manage multiple activities simultaneously.
- Strong critical thinking and problem solving skills.
- U.S. citizenship is required.
- A valid driver’s license is required.
- CEH, CISSP, or SSCP certification preferred.
CoreCivic is a Drug Free Workplace & EOE – M/F/Vets/Disabled.