
CYBER SYSTEMS ENGINEER - 100% REMOTE FOREVER!

ALTA IT Services
Washington, DC
  • Expired: over a month ago. Applications are no longer accepted.
Job Description

CYBER SYSTEMS ENGINEER

100% REMOTE FOREVER

TEMP TO PERM, SALARY IS NEGOTIABLE

RESUME TO CRISS BRIENT AT:  CBRIENT@ALTAITS.COM                         

The Cyber Systems Engineer reports to the Lead within the CISO organization. The group is responsible for providing cyber engineering, cyber threat intelligence, forensics, malware analysis, and break-glass incident response support to the corporate Cyber SOC.

  • Optimizing security operations, tools, and processes for a newly merged company. 

  • Assisting with the selection of new security tools, implementing tools, and monitoring/managing security tools within the enterprise.

  • Making technical and policy recommendations/decisions that affect corporate security posture (especially as it relates to DFARS 252, NIST SP 800-171, CMMC compliance).

  • Providing Cyber Threat Intelligence to the Cyber SOC and performing Threat Hunting activities

  • Assisting with forensic investigations

  • Close coordination with SOC Analysts and Security Architects

  • Understanding placement of network/security infrastructure and log coverage requirements for hosts, infrastructure, and network devices.

  • Working collaboratively with other teams throughout the company to impact change and define an acceptable security posture

  • Supporting the SIEM tool in a complex network environment and assisting security analysts in building operational processes around the SIEM ecosystem. 

  • Ensure SIEM coverage and that the correct event types are arriving in the SIEM, and create effective rules and dashboards to assist other groups.

  • Tune and troubleshoot SIEM and other Cyber tools to deliver optimal performance in high volume enterprise customer environments

  • Configure, troubleshoot and leverage security devices such as packet capture, endpoint EDR, and anti-malware

  • Limited travel may be necessary to support deployments or resolve issues.

  • Investigating, interpreting, and responding to technical and/or complex IT security data.

  • Ensuring security systems are backed up and operational. 

  • Candidate must have a strong foundation of Network and Security skills, fundamental knowledge of operating systems (such as Windows, Linux, Cisco IOS, and hardened security appliances), networking protocols, network traffic analysis, cyber threat intelligence, threat hunting, and information security.

Qualifications:

  • Experience supporting a corporate environment with workstations. Government customers or contractors a plus

  • Experience supporting a Security Operations Center strongly desired

  • Sufficient level of understanding of the multitude of tools required to be managed and implemented by a Security Operations team

  • Experience with SIEM tools, log management, and structured query creation

  • Experience/understanding of various control frameworks including NIST 800-171, CMMC, FedRAMP preferred

  • Experience running tools in and supporting Cloud/hybrid cloud and on-prem environments preferred

  • Experience implementing and reviewing corporate-wide security and networking policies and rules

  • Experience with security orchestration, automation, APIs, and scripting.

  • A strong understanding of threat actors, current TTPs, IoC management, and CTI processes

  • A working knowledge of cyber attack techniques, and the ability to detect attacks without receiving a SIEM alert

  • Experience with FTK, EnCase, Write Blockers, Chain of Custody forms, and proper methodology for Cyber Forensics work

  • Experience with both static and dynamic analysis of malware, and the tools/techniques/environments required to perform the work without introducing risk

  • Strong report writing skills

  • One or more technical certifications (OSCP, GIAC, etc.)

 

ALTA IT Services

Address

Washington, DC
USA

Industry

Technology
