Cyber Security Engineer

USMMA Cyber Security Engineer - This position is at United States Merchant Marine Academy in Kings Point, NY, we are looking for a Cyber Engineer who can thrive in a challenging and rewarding environment

The candidate will monitor, analyze, and respond to cybersecurity alerts and incidents; Administers identity and access controls including Azure AD, Hybrid AD, PIV-I, Windows Hello for Business, MFA, and Conditional Access. Manages endpoint protection, system hardening, and email security tools including phishing investigation and impersonation protection. Supports network security by reviewing firewall, VPN, DNS filtering, and segmentation controls. Maintains security documentation such as SSPs and POA&Ms and ensures compliance with NIST CSF, RMF, DOT, and MARAD requirements. Conducts risk assessments, maintains security procedures, and collaborates with Infrastructure and Application teams to support secure and compliant Academy operations.

Core responsibilities and duties; highlight day-to-day activities:

• Ensure compliance with NIST CSF and RMF standards, maintain SSPs, POA&Ms, audit evidence, and support DOT and MARAD cybersecurity requirements.
• Support Azure AD and Hybrid AD identity lifecycle processes; administer PIV-I, Windows Hello for Business, MFA, Conditional Access, and conduct privileged access reviews.
• Manage endpoint protection agents, enforce secure configuration baselines, and ensure consistent endpoint hardening across Academy systems.
• Collaborate with Network Engineering on firewall rules, VPN security, DNS filtering, and network segmentation while monitoring for suspicious network behavior.
• Administer Barracuda email security protections, investigate phishing attempts, manage message tracing, and maintain impersonation-protection controls.
• Monitor and administer enterprise IT security policies, maintain operational security procedures and daily checklists, and drive process improvements and continuous monitoring.
• Assess emerging threats, perform risk and business impact analysis, and recommend mitigation and treatment strategies.
• Work effectively with Infrastructure and Application teams to establish direction, support decision-making, and promote a culture of teamwork and innovation.
   

Requirements: 

• BS, in Cyber Security, Computer Science, MIS or related field

   

• Minimum 10 years hands-on experience in Cyber Security in a fast-paced work environment

• Excellent communication, analyzation, and troubleshooting skills

• Experience working in Federal Government Environment

• Candidate must be a U.S. citizen or green card holder who has resided in the U.S. for at least 3 years and the ability to obtain a public trust

   

   

  Preferred skills and qualifications:

• Experience working in a college or university

• Identity and Access Management – Account management

• Deliver cybersecurity awareness training, conduct phishing simulations, and provide targeted education for high-risk users.

• Monitor Microsoft 365 and Azure cloud security, manage Conditional Access and DLP policies, improve Secure Score, and evaluate third-party SaaS integrations.

• Implement IT security projects under leadership guidance, including evaluating, recommending, and deploying