Cyber Security Operations Engineer

Job Location: USA

Monthly Salary: Not Disclosed

Job Description

Description:
POSITION TITLE: Security Operations Engineer III Network and Perimeter Security

WHAT YOU WILL BE DOING:
As a Network Security Engineer III, you will play a pivotal role in our organization's cybersecurity efforts. You will be responsible for leading and executing complex cybersecurity operations and incident response initiatives to safeguard our systems and networks against advanced threats. Working closely with cross-functional teams, you will provide expert-level guidance to junior analysts and other teams within the organization.

PRIMARY DUTIES AND RESPONSIBILITIES:
  • Review proposed change requests to rules or policies for firewalls, router access control lists, IPS and proxies.
  • Perform regular reviews or audits of deployed rulesets to identify drift from baseline.
  • Serve as primary point of contact in reviewing threats and vulnerabilities and ensuring servers and firewalls are properly configured and managed.
  • Monitor and address security incidents, implementing measures to enhance incident response and resolve security issues.
  • Perform triage of potential security incidents in accordance with the SOC (Security Operations Center) case handling procedures, alert handling procedures and customer-specific procedures.
  • Mentor and provide guidance to junior network security engineers.
  • Perform continuous improvements on services by identifying and correcting problems and gaps in knowledge and documentation.
  • Participate in on-call rotation (including weekends) to ensure continuous operations.

EXPERIENCE SKILLS AND EDUCATIONAL REQUIREMENTS:
Must have:
  • A degree in Cybersecurity, Network Engineering, Computer Science, Information Systems or other related field, or equivalent work experience.
  • 5-7 years of combined IT and network security work experience with a broad range of exposure to cybersecurity functions.
  • Profound knowledge of network security principles and best practices.
  • Ability to analyze network communication flows (based on Wireshark traces or firewall logs).
  • In-depth knowledge of network protocols (TCP/IP, LAN/WAN, routing, HTTP, DNS, SMTP).
  • Extensive hands-on experience and proficiency performing network security investigations with the following security tool categories: firewalls, network IDS/IPS solutions, switch/router ACLs, Network Access Control solutions, proxy servers and Secure Web Gateway, SIEM, EDR, Email Security Gateway, SOAR, antivirus.
  • Deep understanding of cyber security industry frameworks (e.g. MITRE ATT&CK, D3FEND, NIST, Cyber Kill Chain, etc.).
  • Excellent written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English.
  • Experience in leading major incident breach response activities.
  • Ability to develop new and follow existing operating procedures and runbooks.
  • Highly skilled in technical incident report writing and maintenance of document and evidence repositories.
  • CCNA, CCDA, CCNP or Network certification required.

Nice to have:
  • Fluency in other languages, i.e. Turkish, Spanish, French, Lithuanian.
  • Security certification (i.e. Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH) or equivalent).
  • Expertise in one or more of the following functional areas: Digital Forensics, Threat Hunting.
  • Experience in developing network security tabletop scenarios.
  • Experience in Python, PowerShell, Bash or any other scripting languages.
  • Prior experience in developing detection rules and SOAR playbooks.

Additional Details

  • Business Need : Increase in Workload
  • Does the position allow for the worker to be virtual/remote : (No Value)
  • Work Hours : CST M-F 8am-6pm
  • Have you already identified a candidate : No
  • If yes please provide candidate and supplier name : (No Value)
  • Client System/Network Access Required : Yes
  • Company Code : 8071 Shared Services
  • LASH Program Name : *N/A

Savita Kumari

Brickred Systems
savita@brickredsys.com (business)

Employment Type

Remote

Key Skills

  • Splunk
  • Compliance Management
  • IDS
  • SOC
  • Cybersecurity
  • Identity & Access Management
  • Security
  • Information Security
  • Process Engineering
  • Metadata
  • Encryption
  • SIEM
