Engineer, Cybersecurity

Intercontinental Exchange, Inc. Atlanta, GA 30301

Posted 1 week ago

Job Purpose

The ICE Cybersecurity Architecture team is responsible for global Cybersecurity engineering and architecture in a highly-regulated critical financial infrastructure environment. We are looking for an Engineer to join our team.

Responsibilities

  • Security Analytics - designs and maintains security data flow from network endpoints through aggregation, retention, parsing, SIEM correlation and datalake mining

  • Behavioral Analysis - identifies and implements tools to baseline activity and alert or limit suspicious activity and insider threat among networks, databases, data and users

  • Intrusion Detection and Prevention - maintains commercial and open source wired and wireless infrastructure, tweaking rules to limit false positives and keep up with new threats while producing actionable data. Designs and manages Web Application Firewall (WAF) logic and rulesets

  • Content Filtering and Advanced Threat Protection - designs and adjusts egress content filtering, and advanced network and endpoint-based malware prevention and detection controls

  • Software Engineering - builds custom tools to automate SOC triage and response activities to combat phishing, lateral movement, system monitoring, and security workflow

  • Visualization - identifies new solutions and enhances existing open source and bespoke visualization toolsets to identify trends, compress event triage, understand data flows, identify anomalies, and automate reporting and analysis

  • Document and effectively publish technology guidance and repeatable processes

  • Mentor peers within groups and individually

  • Improve processes and introduce superior technology

  • Take initiative to learn business goals, liaise with other departments, and identify ways to increase productivity in other ICE groups and offices

  • Serve as a responsible Subject Matter Expert (SME) on one or more tools or technologies via learning, testing, implementing, enhancing, and educating

Knowledge and Experience

  • University degree in Engineering, MIS, CIS, or related discipline

  • 3+ years of relevant experience

  • Hands-on experience with Systems Administration and/or IP Networking

  • Experience supporting an advanced software development organization

  • Experience in an exchange, trading facility, or financial services

  • Specific Technologies: Configuring, optimizing and tuning Tanium. Windows, Linux and Mac endpoint detection and analysis. Data collection, normalization, indexing, correlation, and visualization. Packet capture, protocol identification, and analysis. Network, application, and log-based behavioral detection tools. DNS and application-level content-filtering. SMTP content, header, and attachment detection, filtering, and analysis. Scripting, regular expressions, string-parsing, light SDLC, and project management

Intercontinental Exchange, Inc. is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin or ancestry, age, disability or veteran status, or other protected status.

Additional Information

  • Job Type: Standard

  • Schedule: Full-time

