Overview
On Site
60-65/hr
Contract - W2
Skills
Log Management
Vulnerability Management
Incident Management
Threat Analysis
Orchestration
Access Control
Network Security
Security Controls
Build Tools
Cybercrime
Cloud Security
Microsoft WSUS
Microsoft SCCM
Microsoft Windows
Network
Nessus
Reporting
Cloud Computing
Data Security
Management
Information Security
Security Architecture
Systems Engineering
Cyber Security
Firewall
Palo Alto
Event Management
Qualys
Regulatory Compliance
SIEM
IPS
Endpoint Protection
Splunk
Law Enforcement
CISSP
Job Details
General Summary:
The Enterprise Cyber Security Engineer will be responsible for log management, host security, cloud security, asset discovery, vulnerability management, incident response, threat intelligence, Security Incident and Event Management (SIEM), Security Orchestration and Automated Response (SOAR), Network Access Control, and network security. The Enterprise Cyber Security Engineer will be responsible for one or more of these technologies, often working with one or more team members to support these functions.
Job Scope/Complexity:
Cybersecurity efforts at Johns Hopkins Public Safety are complex due to our mission and the complexity of supporting security projects and CJIS policy requirements. Incidents and projects are complex and varied, requiring the ability to balance the demands of multiple projects.
Job Responsibilities:
The responsibilities below illustrate work performed by this position. Not all duties assigned to this position are included, nor is it expected that everyone in this position will be assigned every job responsibility.
SECURITY MONITORING
Respond to all user, system, and network security incidents.
Troubleshoot problems associated with security tools.
Stay abreast of emerging security threats, vulnerabilities, and controls.
Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls.
Automate security controls, data, and processes to provide improved metrics and operational support.
Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls, including SIEM and log Aggregation Tools. Tools may include Splunk or other managed SIEM solutions that utilize the Open Cybersecurity Schema Framework to normalize log data.
Knowledge of the latest trends and awareness of current hacking techniques and cybercrime.
Familiarity with firewall rules and advanced threat protection capabilities in next-generation firewall technologies is a plus.
Candidate should have a working knowledge of Palo Alto firewall technologies.
HOST AND CLOUD SECURITY
Implement and administer automated security update technologies for client and server systems. Candidate should be familiar with WSUS for server patching, Intune for client patching or SCCM.
Implement and administer advanced endpoint protection technologies. Technologies should include Windows Defender, CrowdStrike or other 3rd party MDR agents.
Test and identify network and system vulnerabilities and work with the appropriate owners to address them. Candidates should be familiar with network scanners such as Nessus, Tenable or Qualys and be able to interpret reporting and communicate remediation steps to others in the department.
Help shape the organization s security policies and standards for use in on-premises and cloud environments.
Create technical documents on the use of security technologies.
DATA SECURITY AND COMPLIANCE
Direct and influence multi-disciplinary teams in implementing and operating information security controls. Candidate should be familiar with NIST, CJIS or CIS frameworks and understand how to implement one or more of these standards in a working environment.
Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams.
Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders.
Perform other related duties as requested.
Minimum qualifications (mandatory):
Bachelor s degree. Additional experience may be substituted for education
2 years of related work experience with computer systems, applications and Cyber Security technologies. Additional education may substitute for experience
Palo Alto Firewalls; ITS Palo Alto
Familiar with event management
Experience with Qualys or Tenable scanning technologies
Strong understanding of security and compliance
FW/SIEM/IPS skills
Endpoint Security: MS Defender
MS Intune
Preferred Job Qualifications:
Splunk and/or Arctic Wolf
Sentinel One
EDR solutions experience
Background or experience with law enforcement agencies is preferred
A CISSP certification is desirable
Knowledge in the assigned technical areas this position is responsible for
The Enterprise Cyber Security Engineer will be responsible for log management, host security, cloud security, asset discovery, vulnerability management, incident response, threat intelligence, Security Incident and Event Management (SIEM), Security Orchestration and Automated Response (SOAR), Network Access Control, and network security. The Enterprise Cyber Security Engineer will be responsible for one or more of these technologies, often working with one or more team members to support these functions.
Job Scope/Complexity:
Cybersecurity efforts at Johns Hopkins Public Safety are complex due to our mission and the complexity of supporting security projects and CJIS policy requirements. Incidents and projects are complex and varied, requiring the ability to balance the demands of multiple projects.
Job Responsibilities:
The responsibilities below illustrate work performed by this position. Not all duties assigned to this position are included, nor is it expected that everyone in this position will be assigned every job responsibility.
SECURITY MONITORING
Respond to all user, system, and network security incidents.
Troubleshoot problems associated with security tools.
Stay abreast of emerging security threats, vulnerabilities, and controls.
Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls.
Automate security controls, data, and processes to provide improved metrics and operational support.
Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls, including SIEM and log Aggregation Tools. Tools may include Splunk or other managed SIEM solutions that utilize the Open Cybersecurity Schema Framework to normalize log data.
Knowledge of the latest trends and awareness of current hacking techniques and cybercrime.
Familiarity with firewall rules and advanced threat protection capabilities in next-generation firewall technologies is a plus.
Candidate should have a working knowledge of Palo Alto firewall technologies.
HOST AND CLOUD SECURITY
Implement and administer automated security update technologies for client and server systems. Candidate should be familiar with WSUS for server patching, Intune for client patching or SCCM.
Implement and administer advanced endpoint protection technologies. Technologies should include Windows Defender, CrowdStrike or other 3rd party MDR agents.
Test and identify network and system vulnerabilities and work with the appropriate owners to address them. Candidates should be familiar with network scanners such as Nessus, Tenable or Qualys and be able to interpret reporting and communicate remediation steps to others in the department.
Help shape the organization s security policies and standards for use in on-premises and cloud environments.
Create technical documents on the use of security technologies.
DATA SECURITY AND COMPLIANCE
Direct and influence multi-disciplinary teams in implementing and operating information security controls. Candidate should be familiar with NIST, CJIS or CIS frameworks and understand how to implement one or more of these standards in a working environment.
Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams.
Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders.
Perform other related duties as requested.
Minimum qualifications (mandatory):
Bachelor s degree. Additional experience may be substituted for education
2 years of related work experience with computer systems, applications and Cyber Security technologies. Additional education may substitute for experience
Palo Alto Firewalls; ITS Palo Alto
Familiar with event management
Experience with Qualys or Tenable scanning technologies
Strong understanding of security and compliance
FW/SIEM/IPS skills
Endpoint Security: MS Defender
MS Intune
Preferred Job Qualifications:
Splunk and/or Arctic Wolf
Sentinel One
EDR solutions experience
Background or experience with law enforcement agencies is preferred
A CISSP certification is desirable
Knowledge in the assigned technical areas this position is responsible for
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.