Security Operations is a team that is responsible for incident detection and response (IR), vulnerability management (VM), Data Protection (DP) and security engineering activities.
The Security Operations Engineer will be able to handle IR alerts and escalations from multiple sources and is responsible for implementing, maintaining, monitoring and managing security technologies to support SIEM, Endpoint Detection & Response (EDR), Vulnerability Management, Data Protection and others.
The engineer delivers these solutions and services in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements.
As risks change, the security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.
The engineer reports on findings and provides recommendations for corrective action.
Performs vulnerability assessments as assigned utilizing IT security tools and methodologies.
Performs assessments of the IT security/risk posture within the IT software and applications.
Provides weekly project status reports, including accomplishments and outstanding issues.
Assist with incident response and system stability issues as they occur, including involvement outside of regular work hours.
Leverage approved AI technologies to optimize results in Security Operations.
Implement, manage and maintain event and log collection, reporting and compliance requirements.
Design and build SIEM dashboards and reporting tools required by technical teams.
Help correlate events to support SOC response requirements.
Maintain up-to-date level of knowledge related to security threats, vulnerabilities and mitigations.
Tune the SIEM with threat intelligence sources, and correlate event indicators and threats.
Support SOC automation initiatives leveraging playbooks, while also using human analysis as needed.
Actively participate in threat hunting tabletop exercises to hone and strengthen skills across the team.
Ensure security and technology teams maintain up-to-date configuration documentation for systems and processes.
Monitor for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services.
Collaborate with IT operations to manage internal and external-facing systems to identify, track and remediate system and application vulnerabilities.
Support IT operations’ responsibility to remediate system and application vulnerabilities.
Conduct continuous discovery, vulnerability assessment and remediation status of enterprise-wide assets.
Document, prioritize, recommend, validate and report on the state of vulnerabilities.
Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats.
Implement and manage data discovery and classification to understand where sensitive data resides and how it is used.
Design, tune and operate DLP and CASB controls to prevent unauthorized data exposure and data exfiltration.
Drive DSPM initiatives to identify overexposed, redundant or high-risk data and support data minimization efforts.
Produce clear metrics and insights on data protection posture, risk trends and control effectiveness.
Requirements
Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent.
5-7+ years of related experience required.
CISSP (preferred); CISM and/or SANS certification or other related certifications a plus.
Highly technical and analytical expertise, with a proven background in technology design, implementation and delivery.
Experience in cloud computing technologies, including software-, infrastructure- and platform-as-a-service, as well as public, private and hybrid environments.
Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), antivirus and firewalls, endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, data protection and application controls.
Skilled in meeting vulnerability and penetration testing requirements.
Excellence in communicating business risk from cybersecurity issues.
Experience managing SIEM systems, vulnerability management, threat intelligence platforms, security automation and orchestration solutions, data loss prevention (DLP) and other network and system monitoring tools.