Title: Cyber Security Engineer
Location: Raleigh NC
Long Term
Onsite
GC, USC, H1B, GC EAD
The Cyber Security Engineer reports to the Cyber Security Manager and is responsible for driving security posture improvements and ensuring effective delivery of security functions, such as security incident detection and response, to support the company's mission and objectives. This newly created position will be part of a high-performing team and assist the Cyber Security Manager in executing the Cyber Security strategy and road map to protect the company's assets from security threats.
A successful candidate will be a resourceful self-starter capable of owning security solutions and platforms, as well as the incident detection and response function, end-to-end. The candidate will work closely with the Cyber Security Manager, a peer Cyber Security Engineer, and other IT towers to support corporate objectives and planned projects.
Responsibilities
- Advance the Cyber road map and contribute to identification, prioritization, and implementation of security posture improvements
- Maintain and optimize security software and tools
- Troubleshoot outages, service degradation or general connectivity issues attributed to security devices or policy and propose and implement corrective solutions
- Evaluate capabilities and effectiveness of control environment and its individual controls and platforms, recommend required enhancements to the Cyber Security Manager, and implement proposed enhancements and improvements within planned timelines and budget
- Liaise with the Managed Detection and Response (MDR) services provider and ensure quality delivery through reporting and governance
- Respond to and investigate potential and confirmed security incidents, lead response efforts, lessons learned, and implementation of proposed security improvements
- Work with members of IT, application and system owners, and the business when required to remediate systems and applications with detected vulnerabilities.
Qualifications
- Industry certifications or demonstrated extracurricular participation in one or multiple security domains are required
- Minimum 10 years of experience in IT
- Minimum 5 years of experience in IT Security
- Candidate must demonstrate hands-on experience in the below areas:
  - M365 Security
  - Endpoint Protection
  - Identity Governance and Identity Administration (IGA)
  - Zero trust principles and application
- A diverse technical skill set with the desire to stay “up to speed” with the changing threat landscape, trends, and security solutions on the market
- Demonstrated knowledge of tactics, techniques, and procedures (TTPs) commonly used by threat actors and indicators of compromise (IoCs)
- Awareness of cyber attack models (MITRE ATT&CK, Cyber Kill Chain) and how these translate to defense planning
- Solid understanding of security in platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS)
- Ability to quickly assess risk impact from environment changes like implementation of new solutions or software, network design change or integration, and modification of system features
- Motivation and drive to continually “survey” the threat landscape and seek out optimization opportunities to improve effectiveness of controls
- Willingness to learn the design and operation of the greater tech stack and enterprise shared services to recognize opportunities for optimization, understand the impact of implementing prevention, and contribute to project planning
- Ability to maintain a people, process, technology view through design, build, and run phases of service and solution delivery
- Ability to handle multiple tasks, prioritize and meet deadlines
- Familiarity with regulatory and legal obligations:
  - SOX
  - ITGC
- Understanding of IT Security frameworks:
  - NIST CSF
  - CIS CSC
- Excellent written and verbal communication skills
- Able to lead or participate in Cyber Security incident response and investigations
- Relevant experience in manufacturing, industrial, or energy industries recommended
Preferred Qualifications - What Will Set You Apart
- Desired Certifications (or equivalent demonstrable experience):
  - One of the below:
    - CEH
    - CISSP
    - CompTIA Security+
  - Plus one or more vendor-specific certs
    - Microsoft (preferred)
    - NextGen firewall/UTM vendor cert (e.g., Fortinet, Palo Alto)
- SANS certification demonstrating specialized knowledge within a security domain
- Knowledge of PowerShell
Please send your updated resume to sundeep@cloudresources.net