Cyber Security Engineer

at SSR Mining, Inc.
Published May 24, 2023
Location Denver, CO
Category Default  
Job Type Full-time  


Who Are We?SSR Mining Inc. is a leading, free cash flow focused intermediate gold company with four producing assets located in the USA, Turkey, Canada, and Argentina, combined with a global pipeline of high-quality development and exploration assets in the USA, Turkey, Mexico, Peru, and Canada.SSR Mining is committed to delivering excellence through the contributions of our dedicated employees. With an industry-leading pipeline of projects, strong financial positioning, and talented employees, we aim to continue building on our strong foundation - we have high expectations for the future!Job Description:The Cyber Security Engineer will manage the day-to-day operations and continued evolution of the organization's Cyber Incident Response and Threat and Vulnerability programs, through the management and collaboration of our internal and outsourced IT and Cyber partners. This individual is expected to oversee the threat and risk landscape of SSR Mining, implement industry best practices across our tools, services (both internal and supply chain), endpoints, and manage our incident response process.This individual will manage many aspects of the Vulnerability Assessment Framework (VAF) including any framework updates needed for the organization as technology changes. This individual will also manage the organization's Internal and external penetration testing program as part of the overall Vulnerability Program. The Day to Day:Develop and direct the Enterprise Incident Response Program ensuring continuous maturity.Define and maintain dashboards and metrics that support Incident Response Program and Vulnerability/Penetration Testing maturity efforts.Provide cyber security related briefings, status updates, and consultancy to various audiences, including technical and executive leadership teams.Provide leadership for incident response investigations, coordinate response activity and brief senior leaders while maintaining confidentiality.Utilize exceptional attention to detail and follow-through skills to coordinate and communicate activities, and status updates.Unwavering focus and crisis management skills and the ability to manage relationships and communication channels.Exceptional written and verbal presentation skills - able to articulate complex technical issues concisely to both technical personnel and executive-level management.Exceptional leadership skills, able to lead, manage and grow a global cyber security operations center and incident response program.Advanced critical thinking and decision-making ability, able to explain and defend a complex decision point.Demonstrated ability to communicate complex subjects regarding strategic and tactical incident response processes to stakeholders of varying technical levels.Highly motivated and self-sufficient, able to operate autonomously within the scope of the role.Extensive and direct experience in high-pressure situations managing and responding to complex technical cyber security incidents.Is This You?Bachelor's degree in Cyber Security, Computer Information Systems, Computer Science, Information Systems Management, or a minimum of 4 years of equivalent professional experience.Proficient in cybersecurity principles, risk management, application development, algorithms, protocols, and technologies supporting encryption, authentication, access control, attack patterns and network security.5+ years of progressively responsible experience in leading and developing programs.Understanding of customizing Vulnerability Risk Calculations/Threat Modeling, CVSS Scoring, External Cyber Intelligence gathering and Penetration Testing scoping frameworks.Understanding of Internal and External Team (Red, Purple, Blue) testing to include Public/Private Cloud, Web, API, Mobile, ICS and OT technologies.Excellent analytical and communication skills. Must be self-directed and committed to achieving results and have a strong sense of ownership and ability to follow-through.Ability to manage multiple initiatives with minimal oversight.Strong problem-solving skills and the ability to make decisions and recommendations that balance a variety of factors.Strong interpersonal skills and the ability to communicate and interface with all levels of the organization's management and staff. Ability to clearly present material and address technical concepts in terms of operational impact.Desired:Currently certified in a Cyber Security Domain (i.e. CISSP, CISM, SANS, OWASP, CISA, etc.)Experience managing Incident Response processes.Up to10% travel with international travel possible.For applicants residing in CO, the salary range for this role is from $75,000-$90,000.Benefits: 401(k); medical/dental/vision insurance; employee share purchase plan, PTO, and STI.#INDSSRSSR Mining Inc. is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Drop files here browse files ...