|
POSITION SUMMARY The Sr. Security Engineer is responsible for testing physical, logical, and electronic protection of data, including cloud, corporate, web application, access control, intrusion detection/prevention, virus protection, and more, as well as Digital Forensics, Software Development, Vulnerability Research, Reverse Engineering, Software/Hardware Engineering, and Operational Consultancy (e.g., Red Teaming/Hunt, Mission Evaluation) and performing incident response and working in the global security operations center. The Sr. Security Engineer will also assist with identifying current and emerging cyber events, along with developing countermeasures with known and/or discovered indicators. RESPONSIBILITIES
- Resolve incidents and problem tickets, escalated to the Incident Response Team, issued against supported devices within published SLAs
- Identify opportunities for process improvement and automation of repetitive tasks leveraging a SOAR platform
- Operate security operations technology (SIEM/EDR) and provide ongoing system support and advice to other users of this technology
- Devise and implement approaches to monitor applications and data flows via effective information dashboards for operational metrics, end-to-end system data processing, incident management, change control, and compliance
- Use monitoring data in combination with other sources to analyze the risk of a successful attack
- Proactively recommend new tools, techniques, and procedures to enhance SOC performance and quickly learn new tools as they are introduced
- Actively search all areas of the internal network for hidden threats and vulnerabilities
- Assist in the development and documentation of policies and processes
- Support audits and compliance efforts
- Participate in red/blue/purple team exercises as needed to analyze threat scenarios and assess internal defenses. Document results
- Engage positively across multiple teams to establish clarity, vision, and mutual trust in order to achieve business goals
- Adheres to industry-specific local, state, and federal regulations, as applicable
- Other duties as assigned
QUALIFICATIONS
- Bachelor's degree preferred. Three additional years of related experience beyond the minimum may be substituted in lieu of a degree.
- Three years of IT engineering experience
- 5+ years of cybersecurity incident response participation (Preferred)
- Certified Information Systems Security Professional (CISSP) certification (Preferred)
- Knowledge of operating systems internals and endpoint security experience
- General knowledge of APT campaigns, Tools, Techniques, & Procedures (TTP), malware attack vectors, memory injection techniques and malware persistence mechanisms
- Work is typically based in a busy office environment and subject to frequent interruptions. Business work hours are Monday-Friday standard core hours, however some extended or weekend hours may be required.
- Ability to obtain at least a Top Secret clearance
BENEFITS Constellis offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflect its commitment to creating a diverse and supportive workplace.
Equal Opportunity Employer Race/Color/Sex/Sexual Orientation/Gender Identity/Disability/Vet
|