At CoreCivic, our employees are driven by a deep sense of service, high standards of professionalism and a responsibility to better the public good. CoreCivic is currently seeking a Cyber Security Engineer located at our corporate office in Brentwood, TN.  Come join a team that is dedicated to making an impact for the people and communities we serve.

The Cyber Security Engineer is responsible for cyber security assessment, continuous monitoring, vulnerability and penetration testing activities to support the CoreCivic NIST 800-53 program. Detects security threats, conducts detailed and comprehensive investigations and drives issues to remediation and closure.

• Detects and responds to advanced threats, actor techniques, anomalous or suspicious activity to identify potential and active risks to systems and data.  Investigates incidents, provides resolution, or makes recommendations for corrective action or enhancement to security systems and controls as needed.
• Stays current on emerging vulnerability and threat trends and correlates these threats against CoreCivic systems and data under NIST 800-53 guidelines.
• Performs assignments involving cyber security governance, policy, and process review/redesigns across the IT enterprise.
• Assists in the implementation of security policies/requirements to support the NIST Cybersecurity Framework (CSF) and make recommendations in terms of accepting, mitigating and escalating risk.
• Stays current on all aspects of cybersecurity and applies technical application security testing expertise to assist in identifying weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate protected, sensitive and confidential company information and data.
• Recommends new capabilities and efforts to improve the effectiveness of a continuous monitoring program and assists with developing and maintaining plans of action and milestones (POA&M).
• Collaborates on security issues related to systems and workflows ensuring internal security controls for business operations are in place and adhere to applicable InfoSec regulations.  Serves as an internal consultant to various levels of management and facility leadership regarding emerging technologies.
  Follows and adheres to defined processes, policies and change-management procedures.
• Domestic U.S. travel may be required.

JOB.DESCRIPTION
This position is a
Pay Grade JOB.OU.GRADE.TITLE
JOB.MINIMUM.QUALIFICATIONS               

At CoreCivic we know our employees are driven by a deep sense of service, high standards of professionalism and a responsibility to better the public good. We are proud to offer our employees opportunities for growth and advancement. We hope that you have a long and successful career with us. The keys to success are in your hands!

We are currently seeking a Cyber Security Engineer that is dedicated to making an impact for the people and communities we serve. This position is located at the Facility Support Center (FSC) in Brentwood, TN. 

The Cyber Security Engineer is responsible for cyber security assessment, continuous monitoring, vulnerability and penetration testing activities to support the CoreCivic NIST 800-53 program. Detects security threats, conducts detailed and comprehensive investigations and drives issues to remediation and closure.

• Detects and responds to advanced threats, actor techniques, anomalous or suspicious activity to identify potential and active risks to systems and data.  Investigates incidents, provides resolution, or makes recommendations for corrective action or enhancement to security systems and controls as needed.
• Stays current on emerging vulnerability and threat trends and correlates these threats against CoreCivic systems and data under NIST 800-53 guidelines.
• Performs assignments involving cyber security governance, policy, and process review/redesigns across the IT enterprise.
• Assists in the implementation of security policies/requirements to support the NIST Cybersecurity Framework (CSF) and make recommendations in terms of accepting, mitigating and escalating risk.
• Stays current on all aspects of cybersecurity and applies technical application security testing expertise to assist in identifying weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate protected, sensitive and confidential company information and data.
• Recommends new capabilities and efforts to improve the effectiveness of a continuous monitoring program and assists with developing and maintaining plans of action and milestones (POA&M).
• Collaborates on security issues related to systems and workflows ensuring internal security controls for business operations are in place and adhere to applicable InfoSec regulations.  Serves as an internal consultant to various levels of management and facility leadership regarding emerging technologies.
  Follows and adheres to defined processes, policies and change-management procedures.
• Domestic U.S. travel may be required.

Qualifications:

• Graduate from an accredited college or university with a Bachelor's degree in Information Technology or related field is required. 
• Three years of work experience in information technology security operations, working with various system logs and security tools to detect and resolve security threats is required. 
• Additional years of related work experience may be substituted for the education requirement on a year-for-year basis.
• Working knowledge of network topologies, security tools such as SIEM, HIDS/HIPS, NIDS/NIPS, security analysis tools. 
• CEH, CISSP, or SSCP certification preferred.
• Experience with Cloud Computing and technology. 
• Must have strong verbal and written communication skills; ability to communicate effectively with internal and external business partners as well as technical, and non-technical staff. 
• Must have the ability to work in a team environment and manage multiple activities simultaneously.  Strong critical thinking and problem solving skills are required. 
• U.S. citizenship is required. 
• Minimum Age Requirement: Must be at least 18 years of age.
• A valid driver’s license is required.

CoreCivic
is a Drug-Free Workplace and EOE – including Disability/Veteran.