Information Security Engineer managing incident detection and response for Safe-Guard Products. Involves vulnerability management, data protection, and security engineering activities.
Responsibilities
Security Operations is the team responsible for incident detection and response (IR), vulnerability management (VM), data protection (DP) and security engineering activities.
The Security Operations Engineer will be able to handle IR alerts and escalations from multiple sources and is responsible for implementing, maintaining, monitoring and managing security technologies to support SIEM, Endpoint Detection & Response (EDR), Vulnerability Management, Data Protection and others.
The engineer delivers these solutions and services in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements.
As risks change, the security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.
The engineer reports on findings and provides recommendations for corrective action.
Performs vulnerability assessments as assigned utilizing IT security tools and methodologies.
Performs assessments of the IT security/risk posture within the IT software and applications.
Provides weekly project status reports, including accomplishments and outstanding issues.
Assist with incident response and system stability issues as they occur, including involvement outside of regular work hours.
Leverage approved AI technologies to optimize results in Security Operations.
Implement, manage and maintain event and log collection, reporting and compliance requirements.
Design and build SIEM dashboards and reporting tools required by technical teams.
Help correlate events to support SOC response requirements.
Maintain an up-to-date level of knowledge related to security threats, vulnerabilities and mitigations.
Tune the SIEM with threat intelligence sources, and correlate event indicators and threats.
Support SOC automation initiatives leveraging playbooks, while also using human analysis as needed.
Actively participate in threat hunting tabletop exercises to hone and strengthen skills across the team.
Ensure security and technology teams maintain up-to-date configuration documentation for systems and processes.
Monitor for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services.
Collaborate with IT operations to manage internal- and external-facing systems to identify, track and remediate system and application vulnerabilities.
Support IT operations’ responsibility to remediate system and application vulnerabilities.
Conduct continuous discovery and vulnerability assessment of enterprise-wide assets, and track their remediation status.
Document, prioritize, recommend, validate and report on the state of vulnerabilities.
Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats.
Implement and manage data discovery and classification to understand where sensitive data resides and how it is used.
Design, tune and operate DLP and CASB controls to prevent unauthorized data exposure and data exfiltration.
Drive DSPM initiatives to identify overexposed, redundant or high-risk data and support data minimization efforts.
Produce clear metrics and insights on data protection posture, risk trends and control effectiveness.
Requirements
Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent.
5-7+ years of related experience required.
CISSP (preferred); CISM and/or SANS certification or other related certifications a plus.
Highly technical and analytical expertise, with a proven background in technology design, implementation and delivery.
Experience in cloud computing technologies, including software-, infrastructure- and platform-as-a-service, as well as public, private and hybrid environments.
Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), antivirus and firewalls, endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, data protection and application controls.
Skilled in meeting vulnerability and penetration testing requirements.
Excellence in communicating business risk from cybersecurity issues.
Experience managing SIEM systems, vulnerability management, threat intelligence platforms, security automation and orchestration solutions, data loss prevention (DLP) and other network and system monitoring tools.