The Senior Cyber Security Engineer leverages in-depth knowledge in cyber security principles, theories, and industry practices to execute incident response, threat detection, and enhance security solutions safeguarding Vital Energy's digital assets. This role entails recommending secure infrastructure architectures in collaboration with technical teams across IT and OT projects, requiring expertise not only in cyber security but also in infrastructure, client computing, and application development.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

• Design and implement security solutions, establishing access privileges, control structures, and resources to address complex security challenges.
• Lead and participate in threat analysis activities within the Cybersecurity Incident Response Team, collaborating with both internal and external partners, and driving continuous improvement.
• Maintain and update the Incident Response Playbook, ensuring effective documentation of response strategies.
• Detect potential threats by monitoring for anomalies and violations, promptly isolating and resolving security issues.
• Manage and optimize security tools such as EDR, SIEM, and firewalls; recommend new security products and services for evaluation.
• Advise on secure architecture across infrastructure, applications, and operational technology, establishing configuration standards for critical network components.
• Oversee or coordinate with external partners for vulnerability assessments, penetration testing, and related security tasks.
• Stay abreast of security trends and standards, advising leadership on emerging threats and compliance with security policies and legal requirements.

EDUCATION, KNOWLEDGE AND SKILLS:

• Bachelor's degree in Cybersecurity, Computer Science or other appropriate discipline from an accredited four-year college or university.
• At least 5 years of experience in security technology design, administration, incident response and identity and access management.
• Proficiency in infrastructure technologies, such as network, server, and client administration.
• Experience with Microsoft 365 security administration; AWS knowledge is a plus.
• Understanding of Information Security principles, methods, and technologies, including network and server security.
• Ability to define and analyze security requirements and risks and develop effective policies.
• Experience with advanced security technologies like next-gen firewalls, IDS/IPS, network access controls, and cybersecurity automation.
• Knowledge of security frameworks such as NIST and ISO 27001.
• Preferred certifications include CISSP, CISM, CEH, or similar.
• Exceptional analytical, problem-solving, communication, and collaboration skills.
• Capability to mentor or manage tasks of less experienced team members.
• May perform work of lesser skilled employees.

COMPENSATION:

Salary is commensurate with experience.

WORKING CONDITIONS:

Work is normally performed in a climate-controlled environment, where exposure to conditions of extreme heat/cold, poor ventilation, fumes and gases is very limited. Noise level is moderate and includes sounds of a normal office environment. No environmental hazards are encountered in performance of normal job duties.

PHYSICAL DEMANDS:

Work normally requires finger dexterity and eye-hand coordination to operate computer keyboard at moderate skill level. Work may require occasional pushing, pulling, or carrying 40-pound objects such as servers, workstations, monitors, files, documents, boxes, etc. Work involves sitting most of the time but may involve standing and walking for brief periods. Travel to other office sites/locations is required occasionally.