Scope:
This is a key role in protecting our and our client's assets and information. A cyber security engineer must display an exceptional understanding of technology infrastructure using Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web and Email Proxies, SIEMs, EDR or XDRs, and Security Assessments. Top candidates will be comfortable working with a variety of technologies, security problems, and troubleshooting multiple environments. They will also collaborate with the Security team and other teams to provide value-added analysis of potential threats and make mitigation recommendations. The Cyber Security Engineer must maintain knowledge of the current cyber-threat landscape and the MITRE ATT&CK framework. This position has no direct supervisory responsibilities but will lead from a subject matter expertise aspect.

Education:
Bachelor's degree in computer science, IT, systems engineering, or related qualification.

Certifications:
Some security certification such as CISSP, GSEC, CDPSE, or CISM.

Experience:
Experience as the subject matter expert and last point of resolution before escalation to an external vendor, which affects the cost of resolution
MSSP experience is preferred because it brings a variety of expertise across the security landscape; while not a requirement, candidates with it would be considered top candidates
2+ years of work experience with incident detection, incident response, forensics and performing cyber security assessments
Experience analyzing and administering Cloud/SaaS/Networking and Network Security Solutions including Managed Detection and Response, Next Gen Firewalls, IDS/IPS, SIEM Solutions, SOAR, Cloud Security, End Point Security, Vulnerability and Penetration Testing Services
Experience with Cloud solutions (Azure preferred), networking, firewalls, monitoring and countermeasures, Office 365 Security, VMware, SIEM, Vulnerability Management Solutions, Ticketing systems, and Endpoint Security
Proficiency in Python, C++, Java, Ruby, Node, Go, or PowerShell
Excellent communication/presentation skills and ability to build relationships
Ability to prioritize projects or triage cyber security events and/or incidents and to work under pressure in a demanding environment
Strong attention to detail with an analytical mind and outstanding critical thinking skills
Great awareness of cybersecurity trends and hacking techniques and how to implement them at an enterprise level
Knowledge of compliance processes and regulatory requirements such as HIPAA, PCI, and NIST 800 is preferred, but not required.

Responsibilities:
Planning, implementing, managing, monitoring, and upgrading security measures for the protection of data, systems, and environments
Troubleshooting solutions for security challenges
Responding to all system and/or security breaches
Ensuring that data and infrastructures are protected by recommending and enabling the appropriate security controls
Participating in the change and configuration management process
Testing and identifying network and system vulnerabilities
Daily administrative tasks, reporting, and communication with the relevant departments
Researching weaknesses and finding ways to counter them
Developing best practices and cyber security standards
Utilizing SIEM/SOAR/XDR/EDR and various other emerging tools (ConnectWise, Security Onion, SentinelOne, Microsoft Sentinel, SureShield, CrowdStrike, Duo, etc.) to monitor alerts and security events of client networks and systems
Strong knowledge of common cloud platforms with Microsoft Azure being preferred