Cybersecurity Engineer

RESPONSIBILITIES

:

• Participate in the design, engineering, implementation, and ongoing maintenance of the cybersecurity system
• Ability to monitor for and identify security threats.
• Analyze, document, and report on security incidents.
• Work with various vendors, online resources, and IT teams to identify and understand security threats, vulnerabilities, and exploits that could impact enterprise environment
• Coordinate response of security events that require urgent response, containment, and remediation
• Provide analysis on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc.
• Perform knowledge transfers, create KB and SOP articles, and coordinate meetings to share information on identified threats
• Provide ongoing recommendations to the IT team on tuning and best practices
• Actively research current threats and attack vectors exploited in the wild
• Actively work with IT performing Security investigations
• Assist with development and maintenance of IT security policies
• Audit configuration of existing technologies and platforms.
• Research and present recommendations on emerging information security technologies
• Work with Organizational Development to manage and report on cybersecurity training across the organization
• Participate in internal and external security audits as required

OTHER COMPENTENCIES:

• Experience working with a Security Operations Center (SOC)
• Excellent time management, reporting, and communication skills
• Ability to generate comprehensive written reports and recommendations
• Coaching and training experience
• Ability to quickly adapt and learn new technologies
• Previous experience as a point of escalation in a technical environment
• TCP/IP knowledge and understanding of network infrastructure: firewalls, routers, switches, load balancers, remote access technology (VPN).
• Ability to troubleshoot technical issues and lead root cause analysis
• Support queue management
• Familiarity with Top 20 Critical Security Controls
• Experience developing IT Security policies and running audit reports
• Knowledge of data privacy regulations such as GDPR, CCPA etc.

EDUCATION:

Required:

Required:

EXPERIENCE:

Required:

• Three or more years of full-time professional experience in the Information Security field Microsoft Office 365, Azure
• Azure passthrough authentication
• Microsoft AD Connect
• Azure security log analysis
• Azure conditional access policies
• Office 365 MFA
• PowerShell scripting
• Mobile device compliance and configuration policy management
• Experience with Amazon web services administration
• Enterprise messaging systems:
• Experience with On-prem Exchange and Exchange Online administration
• Message header analysis and message trace
• Whitelist / blacklist management
• Experience with email hygiene products such as Google, Proofpoint, Barracuda, or Symantec
• Configuration of DMARC, DKIM, SPF, and MX DNS records
• Understanding of Microsoft Windows platforms including:
• Active Directory
• Windows security architecture and terminology
• Privilege escalation techniques
• Common mitigation controls and system hardening
• Anti-Virus (AV)
• Experience with monitoring and administration of a commercial endpoint AV solution
• Ability to identify common false positives and make suggestions on tuning
• Experiencing creating endpoint protection policies
• Log auditing and analysis
• Malware
• Ability to identify phishing email, analyze malicious URL threats, and decode encrypted HTML attachments (base64)
• Setup isolated systems to detonate malicious payloads
• Understanding of malware mitigation controls in an enterprise environment