Role: Cyber Security Engineer
Location: Boston, MA
Job Description:
We are looking to hire a Cyber Security Engineer with an analytical mindset and a detailed understanding and experience of the incident response process, advanced adversaries, PAM, SIEM, Web & Email gateway security, Cyber Kill Chain Model, and MITER ATT&CK Framework. In addition, Cyber Security Engineers must have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, and deliver on tight deadlines.
A Cyber Security Engineer must display an excellent understanding of patch management, vulnerability management, endpoint security, data loss prevention, threat hunting, and incident response to ensure success. Additionally, top candidates will be comfortable working with various technologies, security problems, and troubleshooting & resolving security problems.
Cyber Security Engineer Responsibilities:
· Planning, implementing, managing, monitoring, and upgrading security measures to protect the organization's data, systems, and networks.
· Protect the organization's data and infrastructure by enabling the appropriate security controls.
· Provide timely incident response to all system and network security breaches.
· Perform log analysis using SIEM, generate dashboard and alerts, and detect security events
· Find evidence of illegal activity involving cybercrime offenses and examine computers that may be involved in other types of crime or malware infection.
· Use expertise to protect computers from infiltration and determine how a computer was broken into or recovered lost files.
· Use forensic tools and investigative methods to find specific electronic data associated with performing complex malware analysis.
· Identify and test network and system vulnerabilities.
· Conduct purple team activities
· Automate workflow processes via scripting with Python or similar.
· Research and maintain information on current security threats and applying knowledge to the security capability
· Participate in the change management process.
· Perform daily administrative tasks, reporting, and communication with the relevant departments in the organization.
Qualifications:
· Must have a Bachelor's degree in Computer Science or a related field.
· Must have at least five years of working experience with incident detection, incident response, and forensics.
· Experience with vulnerability management, endpoint security, email protection, Windows & Linux Security, SIEM, PAM tool, and data loss prevention. Office 365 Security, VSX and Endpoint Security.
· Experience with complex malware analysis and threat hunting
· Experience in writing complex correlation queries in SIEM
· Skill in writing scripts using Python, PowerShell, and Unix Shell scripting.
· Experience in working under pressure in a fast-paced environment.
· Must have strong attention to detail with an analytical mind and outstanding problem-solving skills.
· Must have an excellent awareness of cybersecurity trends, hacking techniques, and MITER ATT&CK and NIST Frameworks.
· Must have excellent communication skills, both written and oral.
· Desired to have one of the certifications: OSCP, C|TIA, GCTI, CCTIA, and CCTHP
Preferred technology experience:
1. Mimecast Email Protection
2. Tenable.IO
3. Carbon Black Defense
4. Splunk
5. AWS Data Guard
6. Office 365 Security
7. CyberArk