Security Incident Engineer
Posted on Jun 3, 2022 by Request Technology - Craig Johnson
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*
Prestigious Enterprise Company is currently seeking a Security Engineer. Candidate will be an essential member of our security program; someone who is relied upon for coordination of team activities and deliverables, metrics collection and reporting, incident handling and response, and critical thinking for ongoing maturity of security alerting.
Candidate will have extensive hands-on experience with the analysis of security related data from our MSSP, SIEM and associated security tools and technologies.
- Document new processes and procedures as identified by leadership to ensure continuous improvements and maturity
- Responsible for the investigation, analysis, and response to suspicious behavior, attacks and security breaches within the company's environment using cyber defense tools and our third party partners
- Participate in the Cybersecurity Incident Response Team to employ strategy, standards, processes, and technology to detect, respond, and recover from security incidents and limit occurrence or re-occurrence by using risk-based triage.
- Serve as an endpoint security expert for MSSP engagement and collaboration
- Ongoing engagement with MSSP security monitoring partners for ongoing refinement, tuning, analysis and reporting
- Stay abreast of Cyber Security best practices and emerging technologies to provide security recommendations tailored to specific requirements and needs.
- Review and respond to security events and alerts from our MSSP or security tools and services (IDS/IPS, SIEM, EDR)
- Perform internal and external vulnerability assessments and recommend remediation actions
- Maintain knowledge of current security threats, vulnerabilities, and mitigation techniques.
- Review new technology initiatives to evaluate security risk with proposed mitigation recommendations
- Maintain knowledge of common security control frameworks (NIST or equivalent)
- Strong analytical mindset with critical thinking for ongoing creation of metrics and reporting for varying audiences
- Adaptive coordination skills for ongoing tracking and follow up on security deliverables both inbound and outbound
- Third-party risk assessments and collaboration
- Cyber security certification(s) (Any or multiple: CISSP, CISM, OSCP, GSEC, GCIH, GCFE, GNFA, GCIA)
- 3-6+ years experience in the Information Security field
- Demonstrated knowledge of security frameworks such as NIST
- Experience or functional knowledge in security concepts such as MITRE ATT&CK framework, NIST, CIS Benchmarks or equivalent.
- Strong understanding of enterprise technologies in Networking, Cloud, End Points
- Strong Firewall and intrusion detection/prevention capabilities
- Solid knowledge of Windows and Linux operating systems, vulnerabilities, and administrative techniques
- Experience in Scripting and automation of security solutions preferred but not required
- Demonstrated detail orientation, self-starter and ability to work independently with limited supervision or direction; equally effective in a collaborative setting.
- Organization and keen multi-tasking abilities are a must
- Excellent interpersonal, verbal, and written communication skills with the ability to communicate security risk and compliance-related concepts to a broad range of technical and non-technical staff
- Ability to provide support after business hours when required
- Bachelor's Degree