Join the team
This role comes with excellent benefits (unlimited responsible PTO, health/vision/dental), and has an experience-based salary structure. We’re looking for someone that is a ‘jack of all trades’ within IT Security.
MUST BE A HIGH-LEVEL ENGINEER.
- SOC – Security Operations Center experience.
- Incident Response to cyber events.
- Threat analysis and/or threat hunting.
- Vulnerability management.
- Technical background in security technologies, networking and systems.
As a Senior Cyber Security Engineer, you will be responsible for protecting system boundaries and ensuring that IT systems, applications and network devices are hardened against threats. The position addresses potential information security incidents. You will utilize your exceptional communication skills to interact with both technical and non-technical colleagues, and to provide technical leadership for your colleagues and the organization.
- Serves as the lead for day-to-day threat identification and vulnerability/risk analysis.
- Perform advanced event and incident analysis, including baseline establishment and trend analysis.
- Remain current on cyber security trends and intelligence in order to guide the security analysis & identification capabilities of the team.
- Perform threat, vulnerability, risk assessments, and investigations.
- Responsible for the engineering, design, implementation, maintenance, analysis, and administration of security technologies.
- Participate in and lead projects for security requirements, network design reviews, and security testing for network, systems, and other IT teams.
- Coordinate with the systems, network and development team to ensure network security standards are being followed and implemented correctly.
- Evaluate new security technology & emerging threats and provide recommendations to strengthen the information security environment.
- Coordinate the handling and resolution of incidents of security breach.
- Provide analytical and technical security recommendations to other team members and other users.
- Identify requirements based upon need or as the result of a security issue that puts organizations’ systems at risk.
- Experience with vulnerability scanning, and understands how to analyze discovery scan data and vulnerability data to determine unusual use configurations, discovery of aged software, and proper identification of high-severity vulnerabilities.
- Perform internal and external penetration tests with multiple technologies.
- Proactively conduct security threat analysis and recommend solutions to manage network, systems and application vulnerabilities.
- Review and analyze new systems (hardware and software) and provide recommendations concerning their security.
- Install, configure, and maintain information security technologies.
- Active member to recommend effective security configurations and architecture. Liaison to effectively communicate and architect security solutions.
- Develop documentation to support ongoing security systems operations, maintenance and specific problem resolution.
- Provide support off-hours in addition to regular work days to troubleshoot escalated issues and apply production changes where needed.
- Bachelor’s degree in Computer Science, Information Technology or similar field, or equivalent experience.
- 4+ years of information security experience with a focus on network, application and architecture.
- 2+ years of security operations center experience with security monitoring and incident response.
- Specific Information Security related experience including encryption, IDS/IPS, Firewalls, SEIMs and Log Management, syslog analysis, HTTP and TCP/IP analysis, and vulnerability assessment.
- Knowledge of email security gateway, cloud and virtual technologies.
- In-depth knowledge of mapping business requirements to technology and ability to identify security gaps at the architecture level.
- Knowledge of common security vulnerabilities such as: XSS/CSRF, SQL Injection, Buffer Overflow, and DoS attacks.
- Knowledge of the HTTP protocol, including analyzing the request/response.
- Demonstrated experience with commercial and open source testing and auditing tools such as Paros, BURP, nmap, and Metasploit.
- Proven ability to clearly document and communicate security findings, risk description, risk level, and recommended solutions to stakeholders.
- Understanding of networking, operating systems such as Linux and Windows.
- Demonstrated knowledge of security industry standards and best practices such as OWASP and NIST.
- Excellent interpersonal, analytical and problem-solving skills.
- Proven ability to manage multiple tasks/projects.
- GCIA, GNFA, CISSP, CEH, or other relevant certification preferred
Please create a one- to two-minute video resume of yourself (in addition to your paper resume), introducing yourself and explaining why you feel this may be a good position for you. Please list any salary requirements, and share a link to this video via YouTube, Dropbox, etc. when you submit your resume.
Please submit your resume here.