Cyber Security SME

at The Judge Group
Location Long Beach, CA
Date Posted February 5, 2018
Category Default
Job Type Full-time


Our client is currently seeking a Cyber Security SME



We are seeking a highly motivated Cyber Security Engineer to join our team. The engineer will investigate, monitor, create, and tune alerts reported by security controls and stay current with emerging threats and mitigation techniques. The engineer will architect ways of improving the overall security posture by conducting assessments to identify areas for improvement and vetting new technology. The engineer will provide expertise to other IT teams and may lead upcoming security projects involving cloud-based and web application security, multifactor authentication, network access control, and security audits. Daily job functions will include administration of our firewalls, web proxy, endpoint protection suite, IPS, SIEM, and vulnerability management, and updating design documentation.

This job will have the following responsibilities: 

  • Review SIEM logs and investigate suspicious activity and alerts.
  • Add and tune SIEM correlation rules to reduce false positives and produce better actionable alerts.
  • Administration of web proxy. Troubleshoot issues with websites and tune policies.
  • Administration of antivirus suite. Investigate client issues, abnormal blocks, test features, tune policies
  • Administration of ASA Firewalls. Troubleshoot access issues. Audit rules.
  • Assist with administering network access control.
  • Review IPS intrusion events, modify ACLs and blacklists, review dashboards, investigate anomalies
  • Utilize the vulnerability scanner to develop a plan of action for patching.
  • Review the latest threats from subscription services (ISACs) and test them against security controls.
  • Conduct internal security assessments, identify vulnerabilities, and implement a plan to remediate. 
  • Review SPAM mail folder for spoofs, malicious links and attachments
  • Review, create, and update security documentation and incident response plan.
  • Deliver presentations and briefings to IT team members and management.
  • Participate in a 24/7 on-call rotation and some travel when required.

Qualifications & Requirements:

  • Minimum 5 years’ experience in cyber security
  • 3-5 years' experience with common security assessment tools
  • Ability to read packet captures and conduct analysis and forensics
  • Ability to identify network attacks from packet captures and logs.
  • Coding/scripting experience (languages: python, ruby, powershell)
  • Highly experienced with log management solutions
  • Experience with web application security, Next Gen firewalls, and IPS
  • Knowledge of IT industry regulations
  • Experience with supporting and administering web content filtering and antivirus security suite
  • Must have solid understanding of network engineering (CCNA a plus)
  • Strong understanding of Active Directory, Windows, and Linux/Unix Systems
  • Strong written and oral communication skills with a customer service focus
  • Ability to work independently and in a group
  • Possess good documentation habits
  • Availability to provide 24x7 on-call support on a rotational basis
  • Security certifications
  • CISSP and SANS certifications
  • Knowledge of the Oil and Gas industry and oilfield automation technologies/systems
  • Ability to reverse engineer malware
  • Experience with network access control, DLP, O365 and cloud security, single sign-on, multifactor authentication, email security, desktop application control, VDI antivirus, and mobility security.
  • Working knowledge of specific security systems: IBM QRadar, McAfee Web Gateway, Cisco ISE, Cisco FireSIGHT, Symantec Endpoint Protection, Nexpose and Metasploit, Citrix NetScaler
  • Participation in Ethical Hacking or tabletop exercises
  • Experience with leading audits and penetration testing
