Cybersecurity Specialist 3
<p>This is a remote position.</p><p style="margin:0in; font-family:Calibri; font-size:11pt"><span style="font-weight:bold">Job Description</span><br></p><p style="margin:0in; font-family:Calibri; font-size:11pt">Our utility industry client is seeking an Allowlisting Security Specialist to support security initiatives and ongoing cybersecurity programs. This role will focus on securing Windows and Linux environments, automating security processes while supporting broader cybersecurity initiatives and secure system design. <br></p><p style="margin:0in; font-family:Calibri; font-size:11pt"> <br></p><p style="margin:0in; font-family:Calibri; font-size:11pt"><span style="font-weight:bold">Scope </span><br></p><p style="margin:0in; font-family:Calibri; font-size:11pt">The scope includes working with members of the IT&S (Information Technology and Services) Department to: <br></p> <ul style="direction:ltr; unicode-bidi:embed; margin-top:0in; margin-bottom:0in"> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Design, implement, and maintain enterprise application allowlisting policies in IT and OT environments </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Implement and manage AppLocker policies for Windows environments </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Deploy and tune Microsoft Defender Application Control (WDAC / App Control for Business) </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Deploy and manage Red Hat fapolicyd for Linux systems </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Define trusted sources using publisher, hash, and path rules 
</span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Integrate logs into SIEM tools such as Splunk for monitoring and alerting </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Develop automation using Group Policy, Intune, and Ansible </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Reduce attack surface by enforcing default-deny execution controls </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Collaborate with multiple teams to onboard systems and software into allowlisting </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Support governance boards (ARB, TRB, CAB) and documentation requirements </span><br></li> </ul><p style="margin:0in; font-family:Calibri; font-size:11pt"> <br></p><p style="margin:0in; font-family:Calibri; font-size:11pt"><span style="font-weight:bold">Deliverables </span><br></p> <ul style="direction:ltr; unicode-bidi:embed; margin-top:0in; margin-bottom:0in"> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Allowlisting policy framework and standards </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">AppLocker, WDAC, and fapolicyd configurations </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Automation scripts and deployment guides </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Documentation for audits and compliance 
</span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Metrics and reporting on allowlisting effectiveness </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Consult with project team and other stakeholders, e.g., IT practitioners, the Cybersecurity and Compliance teams, Enterprise Architecture, Applications, Infrastructure, Network, Database, OCM, etc. during testing and implementation.</span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">All changes will follow the Change management policies and procedures. </span><br></li> </ul> <div> <br> </div><br><h3>Requirements</h3><p style="margin:0in; font-family:Calibri; font-size:11pt"><span style="font-weight:bold">Key Skills and Qualifications </span><br></p> <ul style="direction:ltr; unicode-bidi:embed; margin-top:0in; margin-bottom:0in"> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">4+ years of practical cybersecurity or endpoint security experience. 
</span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Hands-on experience with: </span><br></li> <ul style="direction:ltr; unicode-bidi:embed; margin-top:0in; margin-bottom:0in"> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Microsoft AppLocker </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Application Control for Business/Windows Defender Application Control (ACFB/WDAC) </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Red Hat fapolicyd and Satellite </span><br></li> </ul> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Experience with SIEM tools (e.g., Splunk) for log analysis and alerting </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Experience with Intune and MDE integration </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Industry cybersecurity and technology certifications are a plus. 
</span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Experience working in a regulated utility environment is a plus. </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Experience working in a remote, cross-functional team, with the ability to drive the scope of work. </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Ability to lead work effort with little day-to-day supervision. Ability to work through ambiguity and escalate issues to maintain project momentum. </span><br></li> <li style="margin-top:0; margin-bottom:0; vertical-align:middle"><span style="font-family:Calibri; font-size:11pt">Excellent interpersonal skills, including collaboration, facilitation, and negotiation. </span><br></li> </ul> <div> <br> </div><br>