Information Security Engineers

Job title: Information Security Engineers

Rang Technologies Inc has openings for Information Security Engineers in Piscataway, NJ and other unanticipated locations nationwide.

Duties:

• Setup, update, and support firewall policies and rules according to the organizations security policy and industry best practices.
• Perform cloud security assessments and provide risk mitigation strategies in the cloud environment.
• Implement and maintain log ingestion pipelines that collect, normalize, and timestamp logs from systems, applications, and cloud services.
• Perform health checks and data quality reviews to support security monitoring and incident investigation activities.
• Conduct security assessments using the MITRE ATT&CK framework.
• Plan, implement, manage, monitor, and upgrade security infrastructure for the protection of organizational data, systems, and networks.
• Support the implementation and maintenance of systems and processes for detecting, investigating, and responding to security threats.
• Perform incident triage and assist in security investigations and response activities.
• Conduct basic network and host forensic analysis in accordance with established procedures.
• Implement and maintain Security Orchestration, Automation, and Response (SOAR) workflows to automate alert triage, enrichment, and response using predefined security runbooks.
• Develop playbooks for handling phishing, malware, and lateral movement incidents.
• Identify gaps within endpoint and system security and implement Endpoint Detection and Response (EDR) solutions to improve the security posture of the environment.
• Monitor US-CERT alerts and similar notifications for threat data, trends, and Indicators of Compromise (IOCs) in cloud environments.
• Perform Identity and Access Management (IAM) review audits for privileged accounts.
• Implement Zero Trust security models to enforce least-privilege access.
• Configure and establish baseline Advanced Threat Protection (ATP) policies to protect cloud-based Exchange email environments from malware, phishing attempts, and spam.
• Review monthly vulnerability scans and document remediation processes for identified vulnerabilities.
• Implement remediation activities to maintain a high security standard.
• Develop and implement security awareness programs to educate employees on information security and emerging threats, including social engineering and phishing attacks.
• Support risk assessments by mapping organizational assets, threat sources, and vulnerabilities to business impacts.
• Contribute findings to risk registers, treatment plans, and compliance reports.
• Track remediation activities and support ongoing monitoring and reassessment efforts.
• Perform penetration testing on applications, networks, and cloud environments to identify exploitable vulnerabilities.
• Document penetration testing findings with risk ratings and proof-of-concept evidence.
• Assist in retesting activities to validate remediation efforts.
• Ensure that organizational systems, workstations, data, and infrastructure are protected by implementing appropriate security controls to prevent attacks and breaches.
• Implement a Vulnerability Management solution and design, manage, and lead a Vulnerability Management program.
• Identify and remediate vulnerabilities across business assets.
• Implement, configure, and maintain Security Information and Event Management (SIEM) solutions.
• Manage log ingestion pipelines, log source integrations, security monitoring, and alerting rules to support enterprise security operations.

Requirements: At least a bachelors degree in Computer Science or a closely related field. Send resume to Rang Technologies Inc: 15 Corporate Place South, Suite 356, Piscataway, NJ 08854.

We are an equal opportunity employer. It is our policy to provide employment, compensation, and other benefits related to employment without regard to race, color, religion, sex, gender, national or ethnic origin, disability, veteran status, age, genetic information, citizenship, or any other basis prohibited by applicable federal, state, or local law.