Cybersecurity Engineer

Overview

Hybrid
Depends on Experience
Full Time

Skills

Security
Splunk

Job Details

Title: Cybersecurity Engineer

Location: Austin, TX (3 days onsite)

Duration: Full Time

Key Responsibilities:

  • Manage security monitoring solutions including Nessus, Tripwire, Change Gear and Splunk. Responsible for effective provisioning, installation/configuration, operation and maintenance of systems hardware and software and related infrastructure in the security stack.
  • Implement and configure data inputs from diverse sources (network devices, servers, firewalls, etc.) into Splunk for analysis.
  • Troubleshoot platform performance issues across the security stack (Nessus, Tripwire, Change Gear and Splunk).
  • Monitor the security monitoring infrastructure for capacity planning and optimization.
  • Install, configure, and maintain Splunk server components, including forwarders, indexers, search heads, and deployment servers.
  • Manage the Linux environment.
  • Design and implement custom Splunk queries (Search Processing Language) to create detailed, actionable security alerts and reports.
  • Update applications, servers, and related components to ensure the tool is always on the most secure version.
  • Support change management processes to ensure no adverse impact on dependent security controls.
  • Provide engineering support for data aggregation, configuration change management, and vulnerability detection solutions.
  • Develop and maintain hardening guides, security baselines, and standards that comply with NERC-CIP guidelines.
  • Provide technical support to the incident response team on incident response and forensic investigations.
  • Develop, maintain, and recommend enhancements to documentation, including SOPs, job aids, application checklists, and guidance documents.
  • Facilitate and implement approved changes for system upgrades and new services.
  • Perform implementation, administration, operations and maintenance, optimization, and integration of cybersecurity tools, technologies, and services.
  • Conduct vulnerability assessments, remediation, and risk analysis.
  • Monitor security alerts and incidents, providing real-time response and resolution.
  • Document and provide regular reports on system vulnerabilities, compliance, and incidents.
  • Assist with security audits, compliance checks, and continuous improvement processes.
  • Support the implementation of security policies, procedures, and best practices.

Required Skills & Qualifications:

  • 5+ years of Splunk, Nessus, and/or Tripwire administration experience
  • 5+ years of experience in cybersecurity, responsible for security operations, maintenance and maturity of enterprise cybersecurity tools.
  • 5+ years of demonstrated experience with scripting or programming languages such as Python, PowerShell, Java, Unix Shell Scripts, C, and/or C++.
  • Experience in configuring, maintaining, and optimizing Splunk components (forwarders, indexers, search heads, deployment servers).
  • Experience in developing and customizing Splunk applications, dashboards, reports, and alerts for specific security use cases.
  • Strong understanding of industry regulations (NERC CIP, etc.).
  • Strong problem-solving, analytical, and troubleshooting skills.
  • Excellent communication and teamwork skills.
  • Nice to have: Any Splunk-related certifications (e.g., Splunk Certified Admin, Splunk Certified Power User), CISSP, CISM, CEH, CompTIA Security+ or other relevant security certifications.
