Security Engineer- Hybrid

We are hiring Security Engineer- Hybrid for a CTH/PERM position in Golden Valley, MN

Required Qualifications:
Bachelor s degree or equivalent
3+ years experience in Information Technology
2+ years Experience performing incident response type activities
Excellent desktop tool proficiency including Microsoft products (e.g. Word, Excel, Access, and PowerPoint)
Knowledge of structured methodologies and standards such as ISO 27000, NIST, PMI, ITIL, CMMI, OWASP, and CoBit
Awareness of federal and state security-related legislation including HIPAA, PCI, JCAHO, NCQA
Experience with Palo Alto Networks and Microsoft Security solutions
Experience with Cisco ASA s
Experience with Meraki MX
Arctic Wolf MDR respond / remediate to actionable critical alerts

Preferred Qualifications:
Relevant security certification (GCIH, GCIA, CISSP, Security +, etc.)
Experience with host, network and email-based security tools
EDR\XDR and NGFW experience
Experience working in a SOC or incident response team
Malware analysis or experience reviewing static and dynamic analysis findings
Forensics experience using open source or licensed tools such as Magnet AXIOM
Experience with PowerShell, Python, JavaScript or other relevant languages leveraged by adversaries
Experience with SOAR solutions or other automation experience
Excellent critical thinking skills, attention to detail, logic and analytical mindset
The ability to stay calm and work under pressure
The ability to independently investigate security events and follow leads
Excellent written and verbal communication skills
The ability to present security event findings to other analysts and leadership

Accountabilities:
Primary function will consist of investigating and responding to security events as detected by endpoint, network and email-based security solutions leveraged by our customer
Documentation of security event findings as part of the incident response process
Threat hunting and custom rule development
Forensic analysis of security incidents or internal investigations as necessary
Management and support of tools and security solutions owned and maintained by CTU
Participation in an on call rotation providing 24/7 investigation and response to security events which meet certain criteria
Work within the Cyber Threat Unit to develop new automation playbooks

Promotes IS&T s security program to ensure the confidentiality, integrity and availability of our customer s network and infrastructure
Performs security forensic services, gathering and consolidating data artifacts
Monitors security event reports and actions; ensuring the appropriate response is performed and coordinated
Provides IS&T security control guidance and interpretation to IS&T Application, IS&T Technical Infrastructure, and our customer s staff and management
Provides security consultation to small projects and assists with implementation for security access on major implementations
Updates Security Program documentation per senior security management guidance and participation
Promotes and educates staff on security principles and our customer s policy and process
Assists with the coordination and development of system security enhancements
Coordinates and documents vulnerability management activities
Maintains awareness of the latest developments in key areas of responsibility and brings forward opportunities that might benefit the organization Additional Information