The client is seeking a SECURITY ENGINEER
Established security professional responsible for monitoring, analyzing, and responding to security events and incidents, building security solutions supporting Information Security capabilities and products, and maintaining and supporting existing security controls.
You will independently review and assess common and unusual security events from a variety of sources including commercial security event and incident monitoring technology. You will assist with engineering maintenance, and application administration for the Information Security tool suite including firewall rules, phishing controls and other common security tools, driving towards best practices, industry standards and compliant deployments.
Duties and Responsibilities:
- Monitor, analyze, and respond to security events and incidents.
- Experience with CriticalStart MDR (Managed Detection and Response), Splunk and Azure Sentinel, or with other SIEM tools and MDR services is acceptable.
- Review logs and security reports from various systems.
- Experience with Microsoft security reports and the Tenable.IO system for general vulnerability management is a plus.
- Respond to user tickets regarding issues with security systems or requests to adjust security capabilities (e.g., firewall rules, anti-malware exceptions, system password creation/reset, email/phishing rules and overrides). Capture complex user requests as written requirements, and coordinate with peers to execute complex requests.
- Perform troubleshooting against existing security controls and networking using tools like Wireshark, Task Manager, DNS utilities and other cloud or OS-specific tools.
- Build additional security controls using the same security tools and maintain and support existing security controls.
- Assist with security audits, perform vulnerably assessments and guide remediation with other teams.
- Create and maintain security documentation.
