Principal Cybersecurity Engineer

At Oshkosh, we build, serve and protect people and communities around the world by designing and manufacturing some of the toughest specialty trucks and access equipment. We employ over 17,000 team members all united by a common purpose. Our engineering and product innovation help keep soldiers and firefighters safe, is critical in building and keeping communities clean and helps people do their jobs every day.
Oshkosh Corporation owns significant assets in the form of information. Some of these assets lose substantial value if they are improperly disclosed, and similar disclosure of other assets could result in significant harm to the organization. This role will support the Cybersecurity mission by working with the business as a trusted advisor to reduce cybersecurity risks to acceptable levels. Specifically, by acting as the organization's mechanism to identify, maintain, and improve cybersecurity controls, using risk-based approach to preserve the confidentiality, integrity, and availability of company information.
Work Arrangement: On-site in facilities in Orlando, FL or Ogden, UT.
YOUR IMPACT
These duties are not meant to be all-inclusive and other duties may be assigned. The primary responsibilities for this role will be to serve as Oshkosh's cloud security subject matter expert and contribute to designing, implementing, and maintaining security controls for our cloud solutions.

• Design, implement and maintain, monitoring and alerting solutions to detect and respond to unauthorized access and potential threats in our cloud tenants.
• Work closely with architects and analysts to ensure necessary security solutions are in place throughout all systems to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirements.
• Serve as a trusted advisor to business functional areas (e.g., Finance, HR, Engineering) and/or internal IT resources (such as infrastructure, apps, IT services.).
• Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance.
• Advocate for cyber risk mitigation during planning sessions and implementation of new technology services.
• Maintain awareness of all aspects of information security and compliance, including PCI, SOC, and HIPAA requirements for information systems and industry best practices, such as, NIST 800-53, 800-171.
• Contribute to the development and maintenance of the cybersecurity strategy.
• Contribute to the development and maintenance of cybersecurity hosted system roadmaps (e.g., SIEM, DLP, NDR) and drive continuous improvements.
• Participate in development and continuous improvement of the following cybersecurity programs: Threat & Vulnerability Management, Insider Threat Management, Data Governance, Cloud Security, Supplier Risk Management, Security Policies, and Cybersecurity Governance & Compliance.
• Contribute and help update the cybersecurity risk model, and coordination with other functional teams (e.g., HR, Finance, IT, Engineering) to establish plans to securely manage the cyber risks associated with business activities and technical implementations.
• Work with CSIRT to improve process, procedures, and training such as creating playbooks for investigations with other analysts to train on proper techniques for investigation.
• Be involved in threat hunts and purple team events that are put on to strengthen our knowledge of our environment.

YOUR SKILLS & EXPERTISE

• Bachelor's degree in Cybersecurity, Information Systems or equivalent.
• Eight (8) or more years of experience.
• Direct experience managing security configurations of cloud solutions (SaaS, PaaS, IaaS).

STANDOUT QUALIFICATIONS

• Graduate degree in Cybersecurity, Information Systems, Management or equivalent.
• Relevant industry recognized certifications (CISSP, CEH, GIAC, Security+, SSAP etc.).
• Demonstrated conceptual, analytical, and innovative problem-solving and evaluative skills.
• Demonstrated knowledge of security controls for network, applications, and operating systems.
• Experience communicating conceptual and technical information both verbally (on phone, one-on-one, to groups) and in writing (emails, letters, reports, presentations) to various audiences (work group, team, company management, external clients).
• Experience with projects or issues of high complexity that require in-depth knowledge across multiple technical areas and lines of business.
• Experience identifying intruder techniques (new vulnerability, attack vectors, exploits, etc.).
• In-depth Knowledge and experience with InfoSec systems (SEIM, SOAR, IDS/IPS, Honeypots, Open Source Intel, Sandbox Analysis Tools, etc.).
• Hold an active or can obtain a U.S. Government Secret level or above clearance.
• Direct Experience with SEIM or SOAR platforms.

Oshkosh is committed to working with and offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability for any part of the recruitment process, please contact our reception desk by phone at +1 (920) 502.3009 or our talent acquisition team by email corporatetalentacquisition@oshkoshcorp.com.
Oshkosh Corporation is an Equal Opportunity and Affirmative Action Employer. This company will provide equal opportunity to all individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. Information collected regarding categories as provided by law will in no way affect the decision regarding an employment application.
Oshkosh Corporation will not discharge or in any manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with Oshkosh Corporation's legal duty to furnish information.
Certain positions with Oshkosh Corporation require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be "U.S. Persons," as defined in these regulations. Generally, a "U.S. Person" is a U.S. citizen, lawful permanent resident, or an individual who has been admitted as a refugee or granted asylum.