Posted on Jun 2, 2022 by Request Technology
*We are unable to sponsor as this is a permanent full time role*
A prestigious company is on the search for a Security Engineer. The ideal candidate will have extensive hands-on experience with the analysis of security related data from our MSSP, SIEM and associated security tools and technologies.
- Document new processes and procedures as identified by leadership to ensure continuous improvements and maturity
- Participate in the Cybersecurity Incident Response Team to employ strategy, standards, processes, and technology to detect, respond, and recover from security incidents and limit occurrence or reoccurrence by using risk-based triage.
- Serve as an endpoint security expert for MSSP engagement and collaboration
- Ongoing engagement with MSSP security monitoring partners for ongoing refinement, tuning, analysis and reporting
- Stay abreast of Cyber Security best practices and emerging technologies to provide security recommendations tailored to specific requirements and needs.
- Review and respond to security events and alerts from our MSSP or security tools and services (IDS/IPS, SIEM, EDR)
- Perform internal and external vulnerability assessments and recommend remediation actions
- Maintain knowledge of current security threats, vulnerabilities, and mitigation techniques.
- Review new technology initiatives to evaluate security risk with proposed mitigation recommendations
- Maintain knowledge of common security control frameworks (NIST or equivalent)
- Strong analytical mindset with critical thinking for ongoing creation of metrics and reporting for varying audiences
- Adaptive coordination skills for ongoing tracking and follow up on security deliverables both inbound and outbound
- Third-party risk assessments and collaboration
Qualifications & Requirements:
- Bachelor's degree or equivalent experience
- Cyber security certification(s) (Any or multiple: CISSP, CISM, OSCP, GSEC, GCIH, GCFE, GNFA, GCIA)
- 3-6+ years experience in the Information Security field
- Demonstrated knowledge of security frameworks such as NIST
- Experience or functional knowledge in security concepts such as MITRE ATT&CK framework, NIST, CIS Benchmarks or equivalent.
- Strong understanding of enterprise technologies in Networking, Cloud, End Points
- Strong Firewall and intrusion detection/prevention capabilities
- Solid knowledge of Windows and Linux operating systems, vulnerabilities, and administrative techniques
- Experience in Scripting and automation of security solutions preferred but not required
- Ability to provide support after business hours when required
- Bachelor's Degree