Cyber Security Engineer

About the Company:

Meneses Law is an accomplished law firm with an outstanding track record of providing immigration services with the highest professional standards to our clients. We work with thousands of clients across the United States on Adjustment of Status, Visas, Petitions, Labor Certifications, Citizenships, Deportations, Waivers, DACA Renewals, and Asylum matters.

Our headquarters is based out of Houston, Texas and with the expansion to other major cities, our aim is to assist clients to achieve their objectives as placidly and efficiently as possible while minimizing the legal and regulatory risks. The law firm is built on its reputation of providing exceptional customer service delivery coupled with appropriate and outstanding skills, fast turnaround, and the know-how expert of our legal tea

Job Summary

The Cyber Security Engineer is responsible for designing, implementing, and maintaining robust security measures to protect the organization's data, systems, and networks from cyber threats. This role involves assessing vulnerabilities, deploying security tools, monitoring for potential threats, and ensuring compliance with industry regulations and best practices. The ideal candidate will have experience in penetration testing, vulnerability management, and securing enterprise systems, along with a solid understanding of network security and regulatory compliance.

Essential Functions / Responsibilities

• Security Protocols & Policies: Develop and implement security protocols, policies, and architecture to safeguard organizational assets.
• Security Tool Configuration: Configure, maintain, and optimize firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and endpoint security tools.
• Vulnerability Assessments: Conduct regular vulnerability assessments and penetration testing to identify and resolve security weaknesses.
• Risk Management: Evaluate and mitigate security risks by recommending system upgrades, patches, and secure configurations.
• Compliance: Ensure compliance with industry regulations and standards such as NIST, ISO 27001, HIPAA, and PCI-DSS.
• Threat Monitoring: Monitor networks, systems, and applications for suspicious activity or breaches, leveraging SIEM tools and other monitoring solutions.

• Incident Response: Lead investigations of security incidents, conduct root cause analysis, and implement corrective actions.
• Incident Response Plans: Develop and execute incident response plans and conduct regular security drills to ensure preparedness.
• Security Awareness: Promote cybersecurity awareness across the organization, focusing on topics like phishing, social engineering, and password hygiene.
• Cross-functional Collaboration: Work closely with IT, DevOps, and other departments to integrate security controls into all business processes and platforms.
• Vendor Management: Liaise with third-party vendors to assess and manage risks associated with external systems and software.
• Documentation: Maintain accurate and up-to-date documentation of security policies, incident reports, and audit trails.
• Investigation: Effectively investigate security incidents in a timely manner, in coordination with the Incident Response (IR) team.
• Reporting: Prepare and deliver detailed daily, weekly, and monthly security reports for executive leadership.
• On-Call Support: Participate in a rotating on-call schedule to support security operations and incident response as needed.
• Projects: Lead or contribute to the planning, development, and implementation of assigned cybersecurity initiatives.
• Perform any other tasks or functions deemed necessary to the daily operations of the employer.

Required Skills and Abilities

• Security Tools Expertise: In-depth knowledge of firewalls, SIEM, antivirus software, and endpoint protection systems.
• Networking Knowledge: Strong understanding of networking protocols including OSI Model, TCP/IP, DNS, VPNs, HTTP/S, End to End encryption protocols. and other related technologies.
• Cloud Security: Familiarity with securing cloud environments (AWS, Azure).
• Scripting Skills: Proficiency in scripting languages such as Python, PowerShell, or Bash for automation and threat detection.
• Penetration Testing & Vulnerability Scanning: Experience with tools like Rapid7, Nessus, Metasploit, Burp Suite, or Kali Linux for vulnerability scanning and penetration testing.

• Security Incident Analysis: Ability to analyze security logs from network and system devices to identify and mitigate threats.
• Frameworks & Standards: Familiarity with cybersecurity frameworks like NIST CSF, CIS Controls, ISO 27001, and understanding of security best practices.
• Regulatory Compliance: Knowledge of regulatory requirements including HIPAA, PCI-DSS, and their implementation in organizational security frameworks.
• Problem-Solving & Critical Thinking: Strong ability to analyze complex security problems and provide effective solutions.
• Communication Skills: Excellent written and verbal communication skills for preparing security reports and presenting findings to both technical and non-technical stakeholders.
• Adaptability & Learning: Eagerness to stay current with emerging cyber threats, security technologies, and methodologies.

Desired Qualifications:

Certifications:

Required: One or more industry-recognized cybersecurity certifications such as:

• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• CompTIA Security+
• Microsoft Excel & PowerPoint

Preferred:

1. Certified Information Security Manager (CISM)
2. Certified Cloud Security Professional (CCSP)
3. Offensive Security Certified Professional (OSCP)

Linux Expertise: Proficiency in Linux, with experience in using Kali Linux for penetration testing and vulnerability analysis.

Networking Experience: Hands-on experience with networking protocols and technologies, such as OSI Model, routers, switches, and firewalls.

Pen Testing Experience: Proven experience in penetration testing, including conducting red team exercises and vulnerability exploitation.

Educational / Experience Requirements:

• Degree:
  • Bachelor's degree in computer science, Information Security, or a related field.
• Experience:
  • Minimum of 3+ years of experience in cybersecurity, IT security, or a related field.
  • Experience with securing cloud environments (AWS, Azure) and managing cloud security controls is highly desirable.
  • DevSecOps experience and familiarity with securing CI/CD pipelines is a plus.

Job Types: Full-time

Compensation:

Meneses Law believes in Work Life Balance. Operation hours are from 8 a.m. to 5 p.m. plus 2 Saturdays a month for certain positions. Being hired by Meneses Law as a Cyber Security Engineer means that you will have the opportunity to:

• Earn salary of $70,000 - $90,000 (depending on experience)
• Be part of a positive culture
• Earn individual and team incentives
• Start an incredible career

Benefits for Working at Meneses Law:

• High Associate Salaries

• Work with state-of-the-art technology
• Name Recognition & Prestige Immigration Law Firm
• Sophisticated, Challenging Work
• Structured Training Programs
• Meaningful Career Advancement Opportunities
• Excellent Benefits (Medical (80% ER contribution, Dental (No-Cost to employee), Vision, Life Insurance (Paid), 2 weeks of PTO, 10 days of paid holidays
• Work Life Balance Schedule
• Birthday and Anniversary rewards

---