Senior Cybersecurity Engineer (On Site)

Responsibilities

• Coordinate with Cyber Defense resources, Infrastructure teams, and Application/Product leads to manage and administer the updating of rules and signatures for the various cybersecurity solutions.

• Perform system administration and management on specialized cyber defense applications and systems to include installation, configuration, maintenance, backup, and restoration.

• Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.

• Assist in assessing the impact of implementing and sustaining cyber defense infrastructure.

• Administer test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s).

• Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization).

• Collaborate with stakeholders to design and establish a penetration testing program tailored to internal needs.

• Execute penetration tests using a variety of tools and techniques, simulating real-world attacks.

• Prepare comprehensive reports summarizing test results, including identified vulnerabilities, risk ratings, and recommended remediation steps.

Qualifications

• 5 to 7 years of experience in securing IT systems with 3 years of direct cybersecurity experience. 2 years of experience securing or utilizing one of the major cloud platforms (Azure, AWS, and GCP) is desired.

• Familiarity with computer networking concepts, protocols, and network security methods.

• Understanding of scripting and coding techniques (e.g., Python, JSON, APIs, etc.)

• Awareness of cyber threats and vulnerability management.

• Proficiency in data backup and recovery to restore systems/platforms.

• Experience with email security filtering.

• Grasp of cybersecurity and privacy principles.

• Expertise in Virtual Private Network (VPN) security.

• Acquaintance with web application filtering technologies.

• Comprehension of security architecture concepts and principles based on defense-in-depth.

• Insight into identity and access management concepts, processes, and integrations.

• Mastery of web application security concepts, tools, and methods.

• Familiarity with pen testing tools, processes, procedures, and best practices.

• Understanding of system, network, and OS hardening techniques.

• Experience with security logging for both on-premise, bare-metal, and cloud-based platforms.

• Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), and Secure Web Gateways (SWG).

• Proficiency in endpoint protection and management.

Desired Certifications

• Certified Information Systems Security Professional (CISSP)
• SANS/GIAC Certification (Various)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)