Date Posted: July 15, 2019
The Cybersecurity Engineer reports to the Director of Security Operations within the CISO organization. The position is responsible for running and maintaining Security/SOC tools and assisting with cyber incidents.
The Cybersecurity Engineer will be responsible for working as part of a team to synergize security operations, tools, and processes for a newly merged company. Areas of responsibility include:
- Assist with the selection, deployment and implementation, patching, and ongoing monitoring/managing of security tools within a hybrid cloud enterprise to support the CISO organization as well as other organizations in securing the enterprise.
- Support SOC tools in a complex environment and assist security analysts in building operational processes around the Cybersecurity ecosystem.
- Maintain and tune SIEM to deliver optimal performance and output.
- Apply subject matter expertise in order to:
  - Make technical and policy recommendations/decisions to support corporate security posture, especially as it relates to NIST 800-171 compliance.
  - Investigate, interpret, and respond to technical and/or complex IT security requirements/requests.
  - Understand placement of network/security infrastructure and visibility requirements for hosts, infrastructure, and network devices.
- Work collaboratively with other teams in the CISO organization as well as within the OCIO to effect change and define an acceptable security posture.
- Coordinate closely with SOC Analysts/Focused Operations and Security Architects on security solutions.
Requires a Bachelor's degree and 3+ years of experience. Substitutions include a Master's degree and 3-5 years of experience.
- Candidate must have a strong information security background, to include network security, network traffic analysis, and a fundamental knowledge of Windows and Linux operating systems.
- 3+ years as a Security Engineer.
- Experience supporting government customers or contractors desired.
- Experience supporting a SOC desired.
- Knowledge and experience configuring, maintaining, and troubleshooting leading security tools such as:
  - Endpoint protection (FireEye, McAfee, Symantec)
  - Network security (Palo Alto, Check Point, Cisco Firepower, FireEye)
  - Email protection (Proofpoint, FireEye)
  - SIEM (QRadar, Splunk, ArcSight)
  - Vulnerability management (Tenable Nessus)
- Sufficient level of understanding of the multitude of tools required to be managed and implemented by a Security Operations team.
- Experience/understanding of NIST cybersecurity controls and frameworks.
- Experience running tools in and supporting hybrid cloud (AWS/Azure) and on-prem environments.
- Experience implementing and reviewing corporate-wide security and networking policies and rules.
- Technical certifications are a plus.