Cyber Security Engineer

Our client is a MSSP Security Client created to give organizations a running start when it comes to cybersecurity, providing the same standard of security controls as large enterprises but without the cost-prohibitive nature of trying to build their own internal Security Operations Center.

Help clients build effective, proactive plans and comprehensive cybersecurity strategies by developing forward-looking tactics to stay ahead of emerging threats and evolving technology

Interested? keep reading!!!!

100% Paid Premiums

Competitive medical and dental benefits for employee and family members with (individual, individual + spouse, OR family plans)

12 paid holidays per year

Flexible Paid Time Off policy

SIEM data curation, SIEM administration, and system integration and configuration of security related tools. Firewall and Malware experience

Specific Job Responsibilities

• Implement protections and carry out information security plans and policies
• Install, deploy and manage information security systems including SIEM, firewalls, AVS, EDR, DLP and network anomaly detection
• Design, implement, and configure cloud security solutions such as AWS, GCP, and Azure environments (security configurations), as well as Cloud Access Security Broker (CASB) software and integrations
• Assist in implementation and secure design of secure applications, software integrations, identity providers, and networks
• Perform analysis, correlation of actionable security events and alerts, network traffic analysis using raw packet data, net flow, IDS/IPS, SIEM and/or any custom sensor output as it pertains to security threat intelligence, analytics and visibility
• Work closely with SOC Analysts to review alerts and investigate security incidents
• Run/oversee vulnerability identification software packages and related tools. To highlight errors in systems configuration and the need for the update of software with fixes and patches
• Evaluate, analyze and reproduce security vulnerabilities reported by internal tools, internal engineers, security researchers, partners and customers
• Partner and collaborate with customers and fellow engineers to design, implement, and monitor security and technology solutions used both internally and in customer sites.
• Participate in the Security Incident Response Team (SIRT) activities. This means helping SIRT to detect, respond, contain, eradicate and recover from security incidents in a timely manner, within the Cloud Operations and Corporate IT environments
• Assist in documenting Standard Operating Procedures SOC playbooks, configuration guides, and secure standards
• Monitoring, analyzing, and interpreting security/system logs for events, operational irregularities, and potential incidents and escalating issues as appropriate
• Administration and operational support of all security monitoring and management systems including Splunk, Qradar, Azure Sentinel, LogRhythm, Sumo Logic, Alien Vault, and others
• Implementing, utilizing, tuning, and administering security tools such as endpoint protection, network analysis, SIEM, and other essential security solutions
• Provide technical support and troubleshooting when needed regarding existing or new security tools and solutions
• Provide support to remediate vulnerabilities such as patching, implementing controls to mitigate risk, and ensuring secure configuration of systems
• Perform research and remain aware of new and emerging threats to ensure newly discovered vulnerabilities are addressed

Qualifications

• Bachelor’s degree or similar industry experience in cyber security, information technology, computer science, or similar field
• Four years of industry experience in IT Security Engineering. Experience working in a SOC is highly desired
• This position has the potential to be shift-based in a 24x7 operation
• Prior hands-on experience in SIEM, network, system, and/or endpoint security operations required
• Solid understanding of information technology and information security including; firewalls/UTM’s, IDS/IPS, VPN’s, penetration testing, SIEM, and other security systems with an emphasis on threat hunting and log analysis
• Excellent written and verbal communication skills; collaborative team player
• Exceptional analytical and problem-solving skills; someone who ‘sees’ the box differently
• Experience developing and managing remediation plans/corrective actions
• Understanding of IT infrastructure, information security, and compliance controls
• Comfortable with multiple, current operating environments
• Familiarity with modern exploit techniques, mitigation strategies and counter-attack methodologies
• Ability and willingness to learn other security skills such as ethical hacking, digital forensics, or vulnerability management
• CISSP, CISM, CISA, GIAC or other recognized security certification is preferred