Cybersecurity Engineer

Job Title - Cybersecurity Engineer

Job Location - Ridgeland, SC 29936

Contract - 3 years

24/7 Security Operations Center (SOC) Monitoring

• Continuous monitoring of network traffic, endpoints, servers, firewalls, switches, routers, and security devices
• Monitoring of security events, alerts, and logs
• Threat detection and correlation analysis
• Real-time alerting and escalation procedures
• Detection of ransomware, malware, unauthorized access attempts, and suspicious activity
• Continuous review of security telemetry and threat indicators
• Identification and triage of critical cybersecurity incidents
• Threat intelligence integration
• Continuous monitoring of cloud-based systems and services where applicable
• Security event management and reporting
• Security log review and analysis
• Security alert prioritization and escalation
• Documented escalation procedures and incident notification timelines.

Cyber Network Monitoring

• Network traffic analysis
• Internal and external network monitoring
• Firewall monitoring and rule review
• Intrusion detection and prevention monitoring
• Unauthorized device detection
• Network anomaly detection
• Bandwidth and suspicious communication monitoring
• Monitoring for lateral movement within the network
• DNS monitoring and analysis
• VPN monitoring
• Remote access monitoring
• Monitoring of privileged accounts and administrative access
• Continuous health monitoring of cybersecurity systems
• Recommendations for improving network security architecture where vulnerabilities or weaknesses are identified.

Patch Management Services

• Operating system patch management
• Third-party software patch management
• Firmware update management
• Security update testing and validation
• Critical vulnerability remediation
• Patch deployment scheduling and coordination
• Emergency patch deployment for critical threats
• Patch compliance reporting
• Vulnerability prioritization
• Documentation of applied patches and remediation activities
• Verification and validation of successful patch deployment
• Procedures to minimize operational disruption while ensuring timely remediation of vulnerabilities.

Vulnerability Management

• Routine vulnerability scanning
• Internal and external vulnerability assessments
• Vulnerability prioritization based on risk
• Remediation recommendations
• Validation of remediation efforts
• Reporting of critical vulnerabilities
• Risk scoring and tracking
• Assistance with remediation planning
• Coordination with County IT staff
• Monthly vulnerability assessment summaries and remediation status reports.

Incident Response Services

• Incident detection and analysis
• Incident containment recommendations
• Threat eradication support
• Recovery assistance
• Root cause analysis
• Incident documentation
• Forensic coordination support
• Coordination with County IT staff and leadership
• Escalation procedures for critical incidents
• After-action reporting and recommendations
• Emergency contact procedures and escalation paths available 24/7.

Existing Tools and Software Integration

• Assess and integrate with the County s existing cybersecurity tools
• Utilize existing monitoring, logging, and endpoint solutions whenever possible
• Minimize unnecessary replacement of existing systems
• Provide recommendations only where improvements are necessary
• Identify any required licensing or integration costs
• Coordinate with County IT staff regarding compatibility and implementation
• Identify tools currently supported
• Additional tools proposed
• Any required software changes
• Any additional hardware requirements
• Any licensing dependencies.

Compliance and Audit Support

• NCIC audit preparation, management, and support
• SLED cybersecurity audit support and completion
• CJIS audit preparation, compliance support, and documentation management
• CJIS Security Policy compliance assistance
• Security documentation maintenance
• Policy and procedure review assistance
• Audit evidence collection and preparation
• Remediation planning for audit findings
• Compliance reporting
• Coordination with state and law enforcement entities as required
• Assistance with cybersecurity risk assessments
• Documentation necessary for compliance reviews
• Primary responsibility for completing all required cybersecurity audit deliverables under the scope of this contract.

Reporting Requirements

• Weekly cybersecurity briefing reports summarizing incidents, vulnerabilities, remediation activities, patching status, and threat activity
• Weekly status meetings or virtual briefings with County IT leadership as requested
• Comprehensive monthly executive cybersecurity reports
• Incident summaries
• Patch compliance reports
• Vulnerability remediation status reports
• Threat activity summaries
• Security event metrics
• Compliance and audit status updates
• Recommendations for cybersecurity improvements
• Quarterly cybersecurity posture reviews
• Audit readiness and compliance status reporting for NCIC, CJIS, and SLED requirements
• Immediate notification for critical cybersecurity incidents