Cybersecurity Engineer

Job Description

SECURITY MONITORING

• Respond to all user, system, and network security incidents.
• Troubleshoot problems associated with security tools.
• Stay abreast of emerging security threats, vulnerabilities, and controls.
• Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls.
• Automate security controls, data, and processes to provide improved metrics and operational support.
• Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls, including SIEM and log Aggregation Tools. Tools may include Splunk or other managed SIEM solutions that utilize the Open Cybersecurity Schema Framework to normalize log data.
• Knowledge of the latest trends and awareness of current hacking techniques and cybercrime.
• Familiarity with firewall rules and advanced threat protection capabilities in next-generation firewall technologies is a plus.
• Candidate should have a working knowledge of Palo Alto firewall technologies.

HOST AND CLOUD SECURITY

• Implement and administer automated security update technologies for client and server systems. Candidate should be familiar with WSUS for server patching, Intune for client patching or SCCM.
• Implement and administer advanced endpoint protection technologies. Technologies should include Windows Defender, CrowdStrike or other 3^rd party MDR agents.
• Test and identify network and system vulnerabilities and work with the appropriate owners to address them. Candidates should be familiar with network scanners such as Nessus, Tenable or Qualys and be able to interpret reporting and communicate remediation steps to others in the department.
• Help shape the organization s security policies and standards for use in on-premises and cloud environments.
• Create technical documents on the use of security technologies.

DATA SECURITY AND COMPLIANCE

• Direct and influence multi-disciplinary teams in implementing and operating information security controls. Candidate should be familiar with NIST, CJIS or CIS frameworks and understand how to implement one or more of these standards in a working environment.
• Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams.
• Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders.
• Perform other related duties as requested.

Minimum qualifications (mandatory):

• Bachelor s degree. Additional experience may be substituted for education
• 2 years of related work experience with computer systems, applications and Cyber Security technologies. Additional education may substitute for experience
• Palo Alto Firewalls; ITS Palo Alto
• Familiar with event management
• Experience with Qualys or Tenable scanning technologies
• Strong understanding of security and compliance
• FW/SIEM/IPS skills
• Endpoint Security: MS Defender
• MS Intune