Security Engineer (Tier 3 End Point) (Microsoft Defender ATP)

Swoon Group
Security, Engineer, Cisco, Management, IT, CISSP, Windows, Linux, Release, TCP, IP, System
Full Time

Job Description

Swoon's leading client in Austin, TX is seeking a Tier 3 End Point / Microsoft Defender ATP Security Engineer for a 12+ month contract! Are you ready to be Swoon'd?

***All candidates must be a ====.***

The preferred candidate will have a total of 10 years' experience in the Information Technology / Information Security industry, with a minimum of 5 years of experience as a Security Engineer configuring and maintaining endpoint security technologies. The candidate should have strong communication skills, both written and verbal, and be comfortable presenting information to teammates, customer technical personnel, Leads and Managers.

This is an engineer role and the candidate must be able to demonstrate the ability to install, manage and maintain endpoint security technologies in a cloud environment. Demonstrated experience in supporting endpoint security technologies as an engineer is REQUIRED. Holding vendor certifications for one or more of the following is preferred for this position: McAfee Endpoint Security, Tanium Protect, CrowdStrike, or Cisco AMP.

This position is based in AUSTIN, TX, and will support the customer's 24x7 Security Operations Center (SOC). This position is in direct support (on-site at customer facilities) of a customer in the government sector. We are providing Managed Security Service Provider (MSSP) functions related to the Security Operations Center (SOC), including Tier 1 through Tier 3 resource capabilities and activities related to security monitoring, threat and vulnerability management, and incident response (IR).

Selected candidates must be ====s, pass a CJIS background check process, and complete basic safety and security training to meet the customer requirements.

Responsibilities

  • Provision security tools for customer.
  • Develop and maintain configuration for one or more suite(s) of endpoint protection technologies.
  • Help determine tactics, techniques, and procedures (TTPs) for security tools.
  • Recommend computing environment vulnerability corrections.
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
  • Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
  • Perform patch management for customer's endpoint security tools.
  • Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
  • Ability to work with provided security policies to design and implement network and security rules and configurations across various security platforms.
  • Ability to work in multiple End Point Management systems to provide a complete Enterprise Solution.


Qualifying Experience and Attributes

  • 10 years' experience in IT
  • Ability to configure and troubleshoot endpoint technologies such as antivirus, antimalware, host based intrusion prevention, virtual patching, and endpoint encryption.
  • Expert level knowledge of Microsoft Defender ATP, Microsoft Threat Experts, AutoIR, EDR.
  • Holding vendor certifications for one or more of the following is preferred for this position: McAfee Endpoint Security, Tanium Protect, Cisco AMP, CrowdStrike.
  • Direct experience managing and troubleshooting multiple of the identified endpoint security products.
  • Other industry certifications such as CISSP, GCIH, CEH, etc. are a plus.
  • Working knowledge of VMWare Solutions (vCenter and VSAN a big plus)
  • Working knowledge of Windows Active Directory Domains
  • Working Knowledge of various Linux OS
  • Strong Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of cybersecurity and privacy principles.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of encryption algorithms, cryptography, and cryptographic key management concepts.
  • Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
  • Knowledge of incident response and handling methodologies.
  • Knowledge of network traffic analysis methods.
  • Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
  • Knowledge of what constitutes a network attack and its relationship to both threats and vulnerabilities.
  • Knowledge of defense-in-depth principles and network security architecture.
  • Knowledge of cyber attackers (e.g., script kiddies, insider threat, nation/non-nation state sponsored).
  • Knowledge of system administration, network, and operating system hardening techniques.
  • Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • Signature implementation impact for viruses, malware, and attacks.
  • Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
  • Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • ==== and must be able to pass background check(s)




Id: 42740


Company Information

Swoon is a career hub that’s unlike any other; a place where the focus is on the people first and the placement second. We live by our mantra "Listen. Place. Care." To us, it is essential that we listen to our clients' and candidates' needs and put in the legwork to make sure that our placements are always a perfect match. We form relationships, not just connections, and we pride ourselves on our contractor care initiatives. Our accomplishments continue to increase each year, and we have received some of the highest honors in the industry. We were named a "Best Staffing Firm to Work For" by Staffing Industry Analysts in 2017, 2015 and 2014. We were awarded Inavero's "Best of Staffing Award" in 2018, 2017 and 2016 for exceptional service quality. This honor was achieved through high satisfaction ratings given to us by our clients and job candidates. In 2016, we made the list for Inc. 5000's "Fastest-Growing Private Companies in America" and were recognized in 2017 and 2016 as one of Women Presidents' Organization’s "50 Fastest-Growing Women-Owned" companies. We are 2017, 2016 and 2015 recipients of the "National Best and Brightest Companies to Work For" award, which honors companies that demonstrate exceptional commitment to their employees. We've made our mark by finding out what makes our clients and candidates tick, and that’s why 96% of our clients want to be swoon'd over and over again.
Dice Id : 10360791
Position Id : 42740
Originally Posted : 1 month ago