Position Summary The Cyber Security Systems Engineer is responsible for designing, implementing, and managing the organization's cybersecurity infrastructure at an advanced level. This role involves sophisticated security systems management, incident response, threat analysis, and ensuring compliance with security policies and regulations. The Cyber Security Systems Engineer collaborates with various departments to protect the organization's assets and data from cyber threats. This position reports to the IT Director and works closely with other security professionals to maintain a robust security posture. Success in this role requires adherence to the organization's core values of Stronger Together, Own it, Breed Excellence, Do the Right Thing, and Responsible. Key Accountabilities
- Designs, implements, and manages advanced security systems and solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection.
- Monitors and analyzes security events, incidents, network traffic, and logs using security information and event management (SIEM) tools for malicious or anomalous activity.
- Leads the investigation and resolution of security breaches, vulnerabilities, and other incidents, providing technical support and guidance.
- Conducts comprehensive vulnerability assessments and scans, report findings to senior staff, and recommends appropriate remediation measures.
- Performs in-depth threat analysis and recommends appropriate remediation measures.
- Manages and configures security tools and technologies such as Palo Alto firewalls, Nessus vulnerability scanning, and cloud platforms (Azure, AWS, and OCI).
- Develops and enforces security policies, procedures, standards, and best practices across the organization.
- Leads the development and execution of incident response plans.
- Documents and reports on security incidents, findings, and recommendations.
- Conducts system audits and compliance checks to ensure security best practices are being followed and verify compliance with industry standards and regulations such as NIST, CIS, ISO, and SOX.
- Provides technical support and guidance to users regarding security issues.
- Stays current on cybersecurity trends, emerging threats, and research to enhance security measures.
- Complies with all the Company's Safety and Environmental policies, practices, and programs. Take corrective action within training limitations. Escalate as necessary.
- Participates in and adhere to all training programs designed to enhance HSE knowledge, safety standards, and job performance.
- Performs other duties as assigned.
Education, Certifications, Licenses
- High school diploma required.
- Bachelor's degree in computer science, cybersecurity, or a related field, or equivalent work experience and/or certifications.
- Certifications such as CompTIA Security+, CEH, GSEC, CySA+, or CISSP are preferred but not required.
Experience
- At least five years of experience in cybersecurity engineering, analysis, or a related field.
Knowledge, Skills, and Abilities Critical:
- In-depth knowledge of cybersecurity principles, threats, vulnerabilities, and attack vectors.
- Knowledge of security monitoring and incident response procedures.
- Expertise in using, managing, and maintaining security tools and software (e.g., SIEM, IDS/IPS).
- Analytical and problem-solving skills.
- Ability to analyze security alerts, logs, network traffic, and conduct vulnerability assessments and scans
- Capability to enforce security policies and ensure compliance.
- Advanced knowledge of network security and firewalls.
- Awareness of current cybersecurity threats and trends.
Required:
- Proficiency in vulnerability management processes.
- Communication skills, both verbal and written, with technical and non-technical audiences.
- Ability to work independently and collaboratively as part of a team of security professionals.
- Ability to work under pressure and handle multiple tasks.
- Knowledge and capability to implement security controls and ensure compliance requirements.
- Knowledge of security principles, frameworks, and standards such as NIST, ISO, SOX, and regulatory requirements.
- Ability to conduct vulnerability assessments and scans.
- Ability to stay updated on the latest cybersecurity developments.
- Ability to collaborate with other departments and stakeholders.
Desired:
- Proficiency in threat research methodologies.
- Knowledge of advanced security concepts and technologies.
- Experience with scripting or programming for automation.
- Proficiency in conducting security audits.
- Skills in forensic analysis and investigation.
- Ability to recommend and implement mitigation strategies for emerging threats.
- Capability to participate in compliance audits.
- Ability to provide training and guidance to other team members.
Work Environment
- Primarily office work environment.
- Routine work involves common office activities during a typical 9-hour day such as standing, sitting, walking, typing, and twisting as necessary.
- May be required to occasionally lift to 25 pounds.
- Must follow all company safety policies, including when visiting field locations.
Compensation and Benefits The pay range for this position is between $99,840 and $118,560 annually based on a full-time schedule.Please note that the annual salary information is a general guideline, and that annual salary will vary depending on your location and that Berry Corporation ( Berry ) will consider factors such as (but not limited to) scope of responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considers when extending an offer.This position is eligible for short-term cash incentive bonus and long-term incentive awarded in restricted share units, excellent benefits including full health benefits, 401(k) with company match and immediate vesting, tuition reimbursement, 9/80 flex schedules, and generous paid time off. Equal Employment Opportunity Statement Berry Corporation is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws and will not be discriminated against on the basis of disability. LINK to Equal Employment Opportunity Posters: Reasonable Accommodation Notice If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Human Resources at 661-###-#### or
[email protected]. Pay Transparency Notice Berry Corporation ( Berry ) will not discharge or in any other manner discriminate against an applicant or employee because they have inquired about or discussed compensation. Notice to Third Party Agencies Please note that Berry Corporation ( Berry ) does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Agreement, Berry will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, Berry explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, will not be reviewed or considered in part of the application process. This job description is not intended to be an all-inclusive list of duties nor account for all abilities required to perform the job. It is a general description of the nature of the position. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)