Job Description:
Key Responsibilities:

Deploy, manage, and monitor EDR, DLP, SIEM, and NGFW tools
Operating and maintaining security tools
Incident response and risk mitigation
Security engineering
Advanced troubleshooting techniques

Key Skills:

Incident Response

Monitor, correlate, and analyze P&P network traffic.
Provide Tier 1 and Tier 2 incident analysis and response support for real time events generated by security devices, as well as possible post incident support.
Strong understanding of risk factors/vectors/levels
Report security-related incidents
Develop after action reports including root cause analysis
Perform research on cyber threats.
Provide recommendations for improving the efficiency and effectiveness of incident response processes

Security Architecture and Engineering

Deploy, integrate, operate, and monitor key security technology components.
Strong understanding of cybersecurity threat models and associated vulnerabilities.
Develop and maintain the organization's security architecture.
Augment existing system administration capabilities using systems engineering expertise.
Provide IT security system troubleshooting and administration.
Configure and maintain key security devices including NGFW, DLP, EDR, EPP, SIEM, and IAM.

Mandatory Qualifications

Requires a bachelor’s degree in Computer Sciences.
Must have 5 years of cybersecurity experience; CISSP, CISM, CISA are a plus.
3 to 4 years of experience performing IT Security Operations, including incident response, vulnerability assessment, continuous monitoring, and IT forensic analysis, as well as IT Security Engineering, including security technology planning, implementation, and operation.
Experience in one of the leading SIEM solutions (Splunk, Exabeam, QRadar)

Desirable Certifications

CEH, AWS Certified SysOps Administrator, CAP, SSCP, GSEC, GCIH, GCIA, GPEN, GCED, GSNA, GSIP, GCFA, GCFE.