In this role, the Cyber Security Engineer is responsible for designing, implementing, and maintaining vigorous security measures to protect the organization’s digital assets, systems, and networks. This role involves identifying and mitigating security risks, responding to incidents, and ensuring compliance with relevant standards and regulations. The incumbent will manage day-to-day operations and play a crucial role in strategic initiatives. These include enhancing incident response capabilities, optimizing detection and response mechanisms, and supporting continuous improvements in Shintech's security posture.
Essential Duties and Responsibilities:
Cybersecurity Operations:
- Provide direct support to the cybersecurity team/stakeholders to safeguard the confidentiality, integrity, and availability of sensitive data processed and stored within enterprise systems and networks.
- Maintain and optimize protective measures and security controls, vulnerability testing, monitoring, reporting, and incident investigations.
- Plan, implement, manage, upgrade, and monitor security measures to protect Shintech's computer networks and data.
Incident Response and Digital Forensics:
- Lead incident response, conducting root cause analysis and formal postmortem investigations.
- Employ advanced forensic tools for attack reconstruction, including dead system analysis and volatile data collection.
- Troubleshoot security issues, analyze malware, and perform other duties associated with Incident Response and Forensics.
Risk Assessments and Penetration Testing:
- Conduct internal and external security audits, risk assessments, and penetration testing.
- Act as a technical lead for penetration testing (e.g., internal, external, social engineering, application) and phishing campaigns in collaboration with assigned Cybersecurity Analysts.
- Test the overall strength of Shintech's defenses by simulating attacker tactics, techniques, and procedures.
Security Controls and Configuration:
- Apply timely updates, patches, and hotfixes to maintain cybersecurity systems.
- Establish and maintain incident alert thresholds for Cybersecurity Analysts.
- Ensure detection activities comply with applicable requirements and incident response procedures.
Collaboration and Planning:
- Coordinate with the vCISO to research, plan, design, implement, and document cybersecurity technical architecture.
- Participate in change management processes to evaluate potential impact on security.
- Maintain configuration management for all cybersecurity controls and systems.
Technical Support and Professional Services:
- Respond to assigned service requests made through the IT Service Management system.
- Work on projects and professional services assigned by the Cybersecurity Project Manager.
Audits and Compliance:
- Conduct periodic reviews of security controls and ensure systems are compliant with applicable standards and policies.
- Perform firewall audits in collaboration with the IT Infrastructure Team.
Access Control Management:
- Maintain processes and tools to track, control, prevent, and correct secure access to critical assets based on the principle of least privilege.
- Ensure identities and credentials are managed, verified, revoked, and audited for authorized devices, users, and processes.
Documentation and Reporting:
- Create and maintain security-related documentation, including incident response and disaster recovery plans.
- Provide timely reports to relevant business units, including metrics on cybersecurity performance.
Qualifications and Experience:
Education:
- Bachelor of Science in Computer Science, Information Technology, Systems Engineering, or related field preferred. Equivalent experience (8 years) may be considered instead of a degree.
Certifications:
- The required certifications include CISSP and one technical certification. Specializations in penetration testing or forensics are highly desirable.
- Experience with penetration testing, incident response, forensics, and vulnerability management.
- Experience with Linux operating systems, next-gen firewalls, cloud security, IDS/IPS, DLP, SIEM, and endpoint security solutions.
- Extensive experience administering an enterprise IT Service Management system (e.g., ConnectWise, ServiceNow, Fresh Service, ManageEngine, etc.).
- Proficiency in Python, C++, Java, Ruby, or PowerShell is a plus.
Physical Requirements:
- Must be able to access all plant areas.
- Use of PPE required in specific areas.
- Regularly required to push, pull, bend, and perform long periods of standing and walking on cement foundations.
- Climb stairs, straight ladders, and structures, etc.
- Occasionally required to stoop and kneel.
- Must regularly lift and/or move up to 25 pounds and frequently lift and/or move up to 50 pounds.
- Must be able to coordinate the movement of eyes, hands, feet, and fingers to operate tools and equipment.
- Chemical manufacturing facility.
- Professional office environment.
- Potential exposure to dust, odors, fumes and noises.
Shintech Louisiana provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.