Sawdey Solution Services is a Managed Service Provider (MSP) that offers IT and cybersecurity services to various clients. The Cybersecurity Engineer is responsible for implementing and maintaining Cybersecurity Maturity Model Certification (CMMC) projects while ensuring the integrity, security, and compliance of client information systems.
Responsibilities:
- Responsible for supporting MSD work/contracts inclusive of CMMC technical design and implementation, risk analysis, asset management, and overall client management
- Monitor and remediate security events including working with clients, end users, and vendors to address the event
- Work directly with client POCs and client Senior Management on project planning, execution, and implementation
- Perform day-to-day deployment, administration, and support of security infrastructure tools and systems, including but not limited to SIEM, Vulnerability Management, IDS/IPS, Anti-Virus, Anti-Malware, EDR, DLP, and other Network or System Monitoring tools
- Configure, troubleshoot, and support Exchange Online, SharePoint Online, Teams, OneDrive for Business, Intune, Defender XDR, and Entra ID
- Investigate alerts and suspicious activity to determine if an incident has occurred
- Provide immediate response to cybersecurity threats and intrusion
- Contain affected systems and networks to prevent the incident from spreading
- Conduct vulnerability testing, intrusion detection and prevention, risk management, and security assessments
- Provide and participate in Incident Response training for internal and external clients
- Assist in maintaining documentation on security architecture, procedures, and configurations
- Prepare clients for, and support, CMMC Self-assessments and CMMC Third Party Assessments Organization (C3PAO) assessments
- Support client incident response activities both in and outside of standard business hours as needed
- Assist with onboarding and training of new Sawdey MSD team members
- May serve as a mentor to fellow Sawdey MSD team members
- Perform other duties, as assigned
Requirements:
- Seven (7) + years' IT-related experience
- Two (2) + years' Incident Response experience
- Two (2) + years' Vulnerability Management experience
- Two (2) + years' managing endpoints
- Must be capable of working on cloud IaaS, PaaS, and SaaS systems, server infrastructure, and networking infrastructure
- Must have experience working with at least some of the following:
  - Windows Server 2016-2022 and server roles such as Active Directory, DHCP, Group Policy, and DNS
  - Microsoft Defender XDR
  - Azure Sentinel
  - PowerShell, Java, Python
- Must be able to effectively communicate with the customer and fulfill all duties and responsibilities as listed in the contract
- Must be proficient in Microsoft Office suite including, but not limited to: Word, PowerPoint, Excel, and Outlook
- Must be able to communicate and collaborate with corporate employees, clients, and colleagues in a professional, respectful, and timely manner
- Must have daily and accurate time entry accounting for all service and non-service tasks
- Must be able to articulate technical information to non-technical people
- Must be self-motivated and self-directed with the ability to work with minimal direction and oversight
- Must be able to pay very close attention to detail
- Must be able to use personal smartphone device on an as-needed basis to perform job-related tasks such as supporting an on-call rotation, accessing Microsoft Teams and Outlook, and enabling/signing into multi-factor authentication (MFA) applications
- Background Check
- US Citizenship Requirements: This position supports a U.S. Government Contract whose terms require Sawdey Solution Services to staff it only with U.S. Citizens
- Bachelor's degree in an IT related field desired but not required
- Two or more of the following certifications are desired, but not required: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), CompTIA Cybersecurity Analyst (CySA+), CompTIA Security+, Microsoft 365 Certified: Administrator Expert, Microsoft Certified: Cybersecurity Architect Expert, Microsoft Certified: Azure Security Engineer Associate, Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), Cybersecurity Maturity Model Certification (CMMC) Certified Professional (CCP)