Security Engineer

*We are unable to sponsor as this is a permanent full time role*

A prestigious company is on the search for a Security Engineer. The ideal candidate will have extensive hands-on experience with the analysis of security related data from our MSSP, SIEM and associated security tools and technologies.

Responsibilities:

• Document new processes and procedures as identified by leadership to ensure continuous improvements and maturity
• Participate in the Cybersecurity Incident Response Team to employ strategy, standards, processes, and technology to detect, respond, and recover from security incidents and limit occurrence or reoccurrence by using risk-based triage.
• Serve as an endpoint security expert for MSSP engagement and collaboration
• Ongoing engagement with MSSP security monitoring partners for ongoing refinement, tuning, analysis and reporting
• Stay abreast of Cyber Security best practices and emerging technologies to provide security recommendations tailored to specific requirements and needs.
• Review and respond to security events and alerts from our MSSP or security tools and services (IDS/IPS, SIEM, EDR)
• Perform internal and external vulnerability assessments and recommend remediation actions
• Maintain knowledge of current security threats, vulnerabilities, and mitigation techniques.
• Review new technology initiatives to evaluate security risk with proposed mitigation recommendations
• Maintain knowledge of common security control frameworks (NIST or equivalent)
• Strong analytical mindset with critical thinking for ongoing creation of metrics and reporting for varying audiences
• Adaptive coordination skills for ongoing tracking and follow up on security deliverables both inbound and outbound
• Third-party risk assessments and collaboration

Qualifications & Requirements:

• Bachelor's degree or equivalent experience
• Cyber security certification(s) (Any or multiple: CISSP, CISM, OSCP, GSEC, GCIH, GCFE, GNFA, GCIA)
• 3-6+ years experience in the Information Security field
• Demonstrated knowledge of security frameworks such as NIST
• Experience or functional knowledge in security concepts such as MITRE ATT&CK framework, NIST, CIS Benchmarks or equivalent.
• Strong understanding of enterprise technologies in Networking, Cloud, End Points
• Strong Firewall and intrusion detection/prevention capabilities
• Solid knowledge of Windows and Linux operating systems, vulnerabilities, and administrative techniques
• Experience in Scripting and automation of security solutions preferred but not required
• Ability to provide support after business hours when required
• Bachelor's Degree