Cybersecurity Engineer – Zero Trust & DLP Specialist

Hybrid Schedule with Office Located in Houston, Texas

About Bray International

Bray International is a leading provider of industrial valves, actuators, and related control products, offering innovative flow control solutions worldwide. As a privately-owned business with over 30 years of engineered excellence, Bray is known for its commitment to excellence, integrity, and collaboration. Join our team to become part of a dynamic, forward-thinking organization shaping the future of flow control solutions.

Why Work for Us?

Bray offers a competitive and comprehensive benefits package, including:

• Competitive Pay Plans
• Comprehensive Benefits: Medical, dental, vision, and life insurance; Paid holidays and vacation; 401(k) with matching contributions.
• Healthy Work Environment: A smoke-free, drug-free workplace ensuring safety and productivity.
• Career Growth: Opportunities for professional development and advancement.
• An Exceptional Company Culture: Bray is a privately-owned business committed to engineered excellence.

Position Summary: We are seeking a highly skilled and experienced Cybersecurity Engineer to join our dynamic team. The ideal candidate will have a strong background in Zero Trust Networking and Data Loss Prevention (DLP). This role is responsible for designing, implementing, and maintaining robust security measures to protect our organization’s data and systems. The position requires extensive experience in cybersecurity, strong problem-solving skills, and the ability to mentor junior analysts. Additionally, you will collaborate with cross-functional teams to design and enforce comprehensive security architectures and strategies.

Essential Job Functions and Responsibilities:

Core Responsibilities:

• Develop and deploy Zero Trust security models to ensure secure access to resources, regardless of location or device.
• Implement and manage DLP solutions to prevent unauthorized access, use, or transmission of sensitive data.

Additional Responsibilities:

• Monitor network activity for suspicious behavior, respond to security incidents, and ensure compliance with industry standards and regulations.
• Troubleshoot complex security issues with a deep understanding of network protocols.
• Collaborate with IT team members to develop and enforce security policies and best practices.
• Conduct regular security assessments, identify vulnerabilities, and develop strategies to mitigate risks.
• Respond to complex security incidents, including investigation, containment, and remediation.
• Conduct in-depth threat analysis and oversee incident response efforts.
• Incorporate lessons learned from incident investigations to improve monitoring, alerting, and automation capabilities.
• Oversee the maintenance and updating of security documentation, including incident reports and security logs.

Qualifications and Core Competencies:

Required Core Competencies:

• Strong understanding of Zero Trust principles and frameworks (e.g., NIST SP 800-207).
• In-depth knowledge of network protocols and security best practices.
• Expertise in DLP technologies and solutions, including configuring and managing DLP policies and rules.
• Strong understanding of data classification and protection methodologies.
• Ability to analyze and respond to DLP alerts and incidents.
• Experience with data discovery and classification exercises.

Additional Qualifications and Competencies:

• Proficiency in security tools and technologies, including firewalls, IDS/IPS, SIEM, Endpoint Detection and Response, Email Security, and Web Security.
• Familiarity with advanced security solutions such as data loss prevention, on-prem and cloud proxy, secure service edge, web application firewall, zero trust, and remote access.
• Experience with penetration testing tools and methodologies (e.g., Nmap, Metasploit, Burp Suite).
• Strong knowledge of TCP/IP, VPNs, IDS/IPS, and firewall configurations.
• Experience with other networking vendors and technologies (e.g., Juniper, switching & routing, TCP/IP, DHCP, DNS, end-to-end QoS, VRRP, LACP, MLAG, ACLs).
• Experience with cloud security platforms (AWS, Azure).
• Familiarity with Microsoft Defender Suite, Intune, and Azure.
• Experience with compliance frameworks such as ISO 27001, NIST, and GDPR.
• Proficient in using firewall management tools (Palo Alto, Meraki, IPSec, Global Protect VPN, Cisco AnyConnect).
• Expertise in troubleshooting and resolving complex technical issues.

Performance Standards:

• Promote best practices like NIST CSF within the IT Security team.
• Ensure NIST CSF compliance for the IT team.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)