Key skills
Cybersecurity engineeringOT Security best practicesCloud securityCyber security frameworksRisk managementRelevant certificationsinformation securityCollaborative environmentRisk ManagementCloud Security
About this role
Crane NXT is focused on optimizing enterprise security technologies, and they are seeking a Security Engineer responsible for enhancing security across their businesses. This role involves collaborating with business units to implement security controls, assess risks, and guide IT teams in security best practices.
Responsibilities:
- Assist with the configuration, tuning, monitoring, and continuous improvement of all GIS security tools
- Collaborate with business units to ensure security controls are properly optimized and function as intended across all IT and OT systems
- Guide business units in the development and maintenance of cloud security policies and standards, ensuring alignment with industry best practices
- Assess and identify potential risks to Crane NXT, and when appropriate, recommend and implement improvements to technologies and processes across business units and within the Global Information Security (GIS) organization
- Assist in proof-of-concept (POC) activities to validate solutions for security, functionality, and seamless business integration
- Collaborate with and guide business unit IT teams to ensure proficiency in security technologies and best practices
- Maintain relevant knowledge of current and leading-edge information security technologies and how these may be applicable to Crane NXT
Requirements:
- 4–6 years of experience in cybersecurity engineering, security operations, or IT infrastructure
- Experience securing manufacturing environments using OT Security best practices
- Experience with securing cloud and hybrid environments
- Technical expertise across multiple disciplines within cyber security, such as operational technology, cloud security controls, networking, email security, directory services, server security, intrusion detection/prevention, endpoint protection/EDR, application control, incident response, web application firewalls; experience with cyber security frameworks and regulatory requirements
- Strong understanding of leading-edge information security technologies
- Ability to work in a collaborative environment
- Bachelor's degree in cybersecurity, computer science, information systems, engineering, or a related field
- Exposure to OT/ICS environments such as PLC, HMI, SCADA, or industrial networks
- Relevant certifications such as AZ-500, Security+, ITIL, CISSP, CISM, CCSP and CRISC
- Strong understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management
- Understanding of risk-based decision-making (e.g., risk analysis, mitigation, resolution, acceptance, etc.)