Security Engineer Full Time

Key Accountabilities

• Responsible for sustained support of all delivered mission-specific IT equipment (hardware and software), including customized and standalone IT equipment to ensure availability
• Manage SIEM and security related devices such as Firewall, IDS, EDR and DLP.
• SIEM Engineering, SIEM use case development and SOAR development
• Manage and operate cloud based security products and solutions.
• Ensure the health of data sources feeding into the SIEM or other security related tools, such as system logs, application logs, firewall logs, packet captures.
• Assist with assessments and forensic analysis when directed.
• Creation of dashboards, reports and correlation rules/use cases.
• Collaborates with the SOC team to ensure the organizations systems are operational and secure
• Collaborates with SOC team to plan, create and deploy the tools needed to achieve objectives.
• Assist in the development of internal operational architecture, tools, and procedures for ways to improve performance.
• Collaborate with development organizations to create and deploy the tools needed to achieve objectives.
• Work in shift, or on-call to cover 24/7 window
• Provide monitoring support where necessary

Requirements:

• A bachelor degree in a related field (IT, engineering) is preferred.

• At least 7 years of relevant work experience in cybersecurity
• Good knowledge of network and security tools such as Microsoft Azure Sentinel, Nagios/Zabbix, Splunk, Juniper SRX, Cisco ASA, Palo alto, Fortigate and Security Onion.
• Strong knowledge of IT ticketing systems, case management tools such as TheHive or Resilient.
• Strong understanding of network and system architectures, HLD and LLD
• Strong experience in or expert knowledge of TCP/IP, Mitre ATT&CK and Cyber Kill Chain
• In-depth knowledge on security devices and applications such as DLP, Endpoint Security (Microsoft Defender, Carbon Black EDR, Velociraptor), Firewalls as well as authentication services like ACL, TACACS, RADIUS
• Strong understanding of Change Management and Incident handling
• Working knowledge of NIST Security Control Standards
• Desired certifications are: CEH, GCIA, CCNA, CCNP, ITIL