Cybersecurity Engineer

N

Northcross Group

Cybersecurity Engineer

Portland, ME
Full Time
Paid
  • Responsibilities

    Benefits:

    401(k)

    401(k) matching

    Competitive salary

    Employee discounts

    Health insurance

    Opportunity for advancement

    Paid time off

    Training & development

    Vision insurance

    Wellness resources

    Cybersecurity Engineer / Analyst

    About Northcross Group

    At Northcross Group (NCG), a Portland, Maine-based systems integration and cybersecurity firm, we support clients in the private and public sectors and address a variety of technology integration and cybersecurity initiatives. We provide quality business solutions and understand the importance of providing the same level of care to the people who will use it and the underlying data. These fundamentals—technology, data, and people—are all a part of the equation for success.

    Opportunity Description

    NCG is looking for a Cybersecurity Engineer with experience in assessing and building cybersecurity programs with a focus on penetration testing and DevSecOps. NCG supports clients in a broad range of industries (financial services, healthcare, transportation, and the Federal Sector) that are subject to number of regulatory requirements and industry standards for security.

    NCG seeks a Cybersecurity Engineer with the programmatic and technical experience to provide direct client support and assessment functions aligned to applicable compliance frameworks. The Cybersecurity Engineer will work with our team helping clients develop and manage compliant infrastructures honed to meet the current remote/virtual workforce needs while addressing requirements for data and system security and privacy. This position will play a lead role in defining NCG corporate strategy in the cybersecurity space and alignment with other NCG system integration service offerings.

    The Cybersecurity Engineer is responsible for performing penetration tests and security assessments on systems, networks, and applications. This role will also work with development and security teams to integrate security into the software development lifecycle.

    Role & Responsibilities

    We are looking for a hands-on Cybersecurity Analyst to collaborate with internal team members and clients to design, implement, and provide ongoing oversight of cybersecurity programs that align with industry and organizational considerations.

    Responsibilities:

    Perform penetration tests and security assessments on systems, networks, and applications

    Identify and exploit vulnerabilities in order to assess and improve security posture

    Report findings and recommendations to development and security teams

    Work with clients to implement security improvements

    Work with development teams to fix security vulnerabilities

    Automate security testing and scanning throughout the software development lifecycle

    Develop and implement security best practices

    Train and educate developers on security best practices

    Engage with internal and external clients to ensure successful audience adoption

    Keep abreast of industry best practices

    Train and mentor junior team members

    Participate in NCG initiatives and contribute positively to our team environment

    Required Qualifications

    · Bachelor's degree and at least two years of relevant professional experience

    · 3+ years of experience in penetration testing and/or security assessments

    · 2+ years of experience in DevSecOps

    · Experience with cybersecurity frameworks (NIST, FISMA, CMMC, etc.)

    · Experience with security testing and scanning tools

    · Strong understanding of networking, operating systems, and security concepts

    · Experience with scripting languages such as Python or PowerShell

    · Strong problem-solving and analytical skills

    · Excellent communication and teamwork skills

    · Excellent written and verbal communication and exceptional attention to detail

    Preferred Qualifications

    Experience with offensive security tools and frameworks

    Certifications such as OSCP, CEH, or CISSP

    Experience with DevSecOps tools and practices

    Experience with containerization technologies such as Docker and Kubernetes

    Experience with cloud security tools and technologies

    Benefits

    At NCG, we have a commitment to excellence driven by continuous improvement across all areas of our business. We value our team members and offer competitive benefits, work/life balance, and opportunities for advancement. Benefits include:

    Competitive salary

    Employer-paid Health Insurance

    Dental Insurance

    Vision Insurance

    Employer contributing 401(k) Retirement Benefits

    Employer provided Life Insurance and Short- & Long-Term Disability Insurance

    Three weeks paid time off

    Eleven paid holidays

    Tuition and education benefits