Senior Cyber Security Engineer
Rosen's Diversified, Inc.

Overview
JOB SUMMARY
The Senior Cyber Security Engineer is responsible for the design, development, and maintenance of systems that protect computer networks and data. This includes developing security plans, installing software to secure networks and computers, and monitoring systems for signs of intrusion.

ESSENTIAL FUNCTIONS AND RESPONSIBILITIES

• Security Architecture Design: Develop and maintain a robust security architecture framework that aligns with industry standards, regulatory requirements, and organizational goals. Design scalable and adaptable security solutions to protect against current and emerging cyber threats.
• Assist in developing and evaluating compliance with security architecture standards, frameworks, and guidelines.
• Participate in security strategy planning as needed, including but not limited to:
  • Incorporate security developed strategies into new technology business initiatives.
  • Review systems to report on inconsistencies between design and actual functionality.
  • Understand the relationships between various systems - networking, server, EDI, manufacturing, etc. and consider all stakeholders when reviewing business needs.
  • Emphasize security best practices and ensures adoption across corporate solutions.
  • Analyze existing infrastructure designs and strategies to ensure they are adequately meeting the organization's needs.
  • Compare proposed technical designs against Company standards, industry best practices, etc. to ensure systems mesh with existing infrastructure, skillsets, and security posture.
  • Present recommendations to leadership.
• Research emerging technologies to assess fit for business needs.
• Translate business requirements into written designs in line with Company and industry standards.
• Deploy technology as per written designs in line with Company and industry standards, including:
  • Develop and review project testing and implementation plans and project timelines.
  • Follow project testing and implementation plans and project timelines.
  • Recommend, review, and create documentation as needed for any new or changed project or technology.
  • Write functional requirements/specifications documents.
  • Evaluate final project outputs for success against project design and build baselines.
• Leverage proof-of-concept engineering security initiatives for system additions or changes.
• Design and implement monitoring systems to support enterprise security.
• Review and participates in business continuity and disaster recovery strategy development.
• Provide technical support and guidance to users.
• All other duties as assigned.

Qualifications
QUALIFICATIONS, KNOWLEDGE, SKILLS, AND EXPERIENCE

• Bachelor's degree in computer science or in an equivalent area of specialty is preferred.
• Minimum of 7+ years of experience in the field or related area with 3+ as a Security Engineer.
• Experience or exposure to appropriate systems such as:
  • Windows Server operating systems and Active Directory domains.
  • Cloud infrastructure environments such as Microsoft Azure, Amazon AWS.
  • Cloud identity platforms such as Microsoft EntraID.
  • Virtualization platforms such as VMware, Hyper-V, Nutanix, etc.
  • Network infrastructure systems (routers, switches, wireless, firewalls, load balancers).
  • Secure Web Gateway (SWG) solutions such as forward internet proxies.
  • Zero Trust Network Access (ZTNA) solutions such as reverse application proxies.
  • Identity security best practices & solutions including PAM, MFA, and least privilege.
  • Endpoint Detection & Response (EDR).
  • Log aggregation & SIEM design, operation, and optimization.
  • Vulnerability management, scanning, and analysis.
  • A variety of application solutions (web, database, etc.).
  • Core infrastructure services (DNS, DHCP, VoIP).
  • Operational Technology (OT) security best practices.
• Prior audit or industry framework experience is desired. Examples: SOX, SOC1, ISO, PCI, HIPPA, NIST.

ADDITIONAL SKILLS/EXPERIENCE/REQUIREMENTS

• Strong knowledge of security engineering discipline in one or more of the following domains: network security, cloud security, endpoint security, or application security.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Strong problem-solving and trouble-shooting skills.
• Knowledge of security standards and regulations, such as PCI DSS, HIPAA, or NIST CSF.
• Experience with cybersecurity tools such as vulnerability scanners, network firewalls, cloud security, penetration testing, and security frameworks.
• Experience with vendor management is desired.
• Foster communication and collaboration between Security team and other IT teams.
• Familiar with standard concepts, practices, and procedures within field. Performs varied tasks.
• Strong technical aptitude, creativity, and ability to research and solve complex issues.
• Ability to effectively communicate issues and resolutions to all levels of the organization.
• Ability to work both alone and within a team and established standards.
• Experience documenting, project tracking and management reporting.

INTENT AND FUNCTION OF JOB DESCRIPTIONS
Job descriptions assist organizations in ensuring that the hiring process is fairly administered and that qualified employees are selected. All descriptions have been reviewed to ensure that only essential functions and basic duties have been included. Requirements, skills, and abilities included have been determined to be the minimal standards required to successfully perform the positions. In no instance, however, should the duties, responsibilities, and requirements delineated be interpreted as all-inclusive. Additional functions and requirements may be assigned by supervisors as deemed appropriate. Job descriptions are not intended as and do not create employment contracts. The organization maintains its status as an at-will employer. Employees can be terminated for any reason not prohibited by law.

Summary
OUR FAMILY CULTURE

We are a family-owned business established in 1946 with nearly 5,000 employees. Over the years, Rosen's Diversified, Inc. ("RDI") has grown into a holding company of vertically integrated business units, including American Foods Group, America's Service Line, Scientific Life Solutions, and Rosen's Inc. By understanding our employees, our customers and ourselves, we are preparing RDI for the future generations of success.

Our Company is comprised of innovative entrepreneurs who value our casual and down to earth culture. As a member of the Rosen's family, you will find yourself challenged and rewarded for your professional contributions as well as the Company's success.

WHAT WE OFFER

• Privately held, family-owned (three generations) business which operates with a mentality of what should be done versus share holder requirements.
• Excellent health and welfare benefits including but not limited to medical, dental, vision, disability, and a variety of voluntary benefit options.
• 401(k) retirement benefits with Company match annually.
• Professional and personal development programs including Career and Learning Paths providing opportunities for advancement.

---