Cybersecurity Engineer

  • Woodbridge, NJ
  • Posted 17 hours ago | Updated 5 hours ago

Overview

On Site
Contract - W2
Contract - 12+ Month(s)

Skills

cybersecurity
GIAC Security Essentials (GSEC)
Security+ from CompTIA
Certified Ethical Hacker (CEH)
Security Monitoring & Analysis
Access & Privilege Management
Identity & Account Governance

Job Details

Role: Cybersecurity Engineer

Term: 12+ months, strong possibility of extension

Location: Woodbridge, NJ 07095 (Hybrid, 3-4 days on site)

KEY RESPONSIBILITIES:

Identity & Account Governance:

Proactively identify and remediate expired or overdue passwords within our identity systems.

Perform regular Active Directory health checks and cleanup activities, including identifying and disabling stale user and computer accounts.

Audit and optimize service accounts, ensuring they are appropriately permissioned, scoped to the correct machines, and adhere to password policies.

Review and ensure Multi-Factor Authentication (MFA), such as Duo, is properly implemented for critical accounts.

Prevent cross-contamination of environments by ensuring appropriate usage of accounts (e.g., development accounts not used in production).

Access & Privilege Management:

Identify and remediate local administrative privileges on workstations and servers, implementing least privilege principles.

Address duplicated credentials within Azure Active Directory to enhance security.

Security Monitoring & Analysis:

Contribute to the development and refinement of security monitoring and detection capabilities within Splunk and other platforms.

Assist in the investigation and response to security alerts from various sources (e.g., Threat Command, Canary, ExtraHop, CrowdStrike Identity).

Vulnerability Management:

Assist in identifying and addressing outdated applications that pose security risks.

Research and analyze threat intelligence to identify applicable vulnerabilities and emerging attack vectors.

Utilize tools like BloodHound and PingCastle to identify and remediate Active Directory security weaknesses.

Identify and manage the remediation of outdated or vulnerable applications across the enterprise.

RESPONSIBILITIES:

Develop, implement, and refine security monitoring use cases in Splunk and other SIEM tools to enhance threat detection capabilities.

Monitor and respond to security alerts from various detection systems (e.g., EDR, network anomaly detection, identity protection).

Create and maintain response templates for identified security incidents and "red flags."

REQUIREMENTS:

- Strong written and verbal communication skills

- Undergraduate degree (BS) in a technology-related field, e.g., computer science, EMIS, systems engineering, electrical engineering

- Self-starter with exceptional follow-through and time management skills

- 1-3 years of relevant Information Security Experience, 4+ years is a plus

- Experience with on-premises and AWS hosting environments

- Understanding of security principles and network communication models and corresponding protocols

- Familiarity with ServiceNow and with system-of-record/workforce management tools

- Alert management experience

- Accountable for phishing analysis, web proxies, endpoint detection and response, and database monitoring

- Accountable for conducting security analysis or audits

- High-level knowledge of assessing Active Directory security group lifecycle management

- Experience gathering industry and/or third-party threat intelligence for integration into our client's environment

- Network operational knowledge and experience is required

- Demonstrated ability to create information security runbooks, knowledge management, and other process documentation in support of daily, weekly, monthly, and quarterly reporting cadences

- Ability to adapt to the use of new tools and approaches to address continuously emerging information security threats

- Ability to resolve incidents using critical thinking

Security skills and tools: Carbon Black, Imperva, Varonis, Tripwire, Forescout, Symantec Cloud Access Security Broker (CASB), SecureMail, Symantec WebPulse, VMRay, Symantec Web Security Service

Desired Security Certificates: Security+ from CompTIA, GIAC Security Essentials (GSEC), Certified Ethical Hacker (CEH), or other related Information Security certificates

Desired Skills & Experience:

- ITIL-based training, experience, or certifications on SIEM are a plus

- Network firewall knowledge is a plus

- Familiarity with Oracle Databases is a plus
