Cyber Security Engineer III

At CoreCivic, our employees are driven by a deep sense of service, high standards of professionalism and a responsibility to better the public good. CoreCivic is currently seeking a Cyber Security Engineer III located at our corporate office in Brentwood, TN. Come join a team that is dedicated to making an impact for the people and communities we serve.

This will be a hybrid work position with weekly in-office expectations. The position will be based in Nashville, TN.

The Cyber Security Engineer III provides a detailed level of engineering support for all information security tools by determining security requirements, planning, implementing, and administering security systems. Assists in the development and implementation of security policies, procedures and measures in a secure environment. Mentors team members on use of security tools and new security technologies.

• Determines security requirements by evaluating business strategies and needs.

• Researches information security standards, conducts in depth system security reviews, vulnerability analyses and risk assessments.

• Studies security architecture/platform to identify integration issues or opportunities and prepares cost estimates.

• Mentors and trains cybersecurity team on security tools and security best practices.

• Responsible for administration, data ingestion, parsing, dashboard design, and custom searches of company SIEM.

• Conducts periodic independent security audits including NIST, HIPAA and SOX audits and all internal controls compliance programs. Generates reports as needed from the various security systems to support regulatory compliance.

• Investigates known or suspected security incidents and performs thorough threat hunting and remediation using cybersecurity tools.

• Responsible for firewall and URL filtering configuration, maintenance, monitoring, and various other security measures.

• Responsible for Identity and Access Management.

• Responsible for Endpoint Detection and Response administration.

• Responsible for security setup, maintenance, and monitoring in Azure/M365 cloud environment.

• Evaluates and recommends security products for various platforms to support the company.

• Conducts training sessions with various audiences, provides support, and educates users on security policies and consults on security initiatives and issues.

• Researches emerging technologies and maintains awareness of current security risks in support of security enhancement and development efforts. Participates in educational opportunities, professional networks, and professional organizations.

• Troubleshoots assigned work tickets supporting daily operations and problems as they occur as well as provide 24/7 on-call support rotation.

• Domestic U.S. travel required.

Qualifications:

• Graduate from an accredited college or university with a Bachelor's degree in Cybersecurity or another related field is required.

• Seven years of Cybersecurity experience is required. Additional years of related experience may be substituted for the required education on a year-for-year basis.

• A current and valid certificate as a Certified Information Systems Security Professional (CISSP) is required. Experience using Security Incident/Event Management (SIEM) systems like Splunk to search and analyze data providing insights to act on.

• Experience with vulnerability scanners such as Tenable to detect network/security vulnerabilities and provide corrective actions.

• Experience in administering Azure AD, Microsoft Defender, and Microsoft Sentinel.

• Possess thorough knowledge of network protocols, network design, and IP sub-netting.

• Experience with NIST and Zero Trust is preferred.

• Must demonstrate a deep understanding of security knowledge and the ability to work independently and interact with the network team and other teams in a fast-paced, ever-changing environment.

• Proficiency in Microsoft Office applications is required.

CoreCivic is a Drug-Free Workplace and EOE - including Disability/Veteran.