Cyber Security Engineer
We are working closely with a leading Asset Manager based in central NYC who are recruiting a Senior Cyber Security Engineer. This role will be senior within the team of Cyber Security Engineers and will provide SME services across Security Automation, Threat Hunting, IDS, Incident Response, SIEM, network forensics & host forensics.
In the Cyber Security Engineer role, you’ll be responsible for providing technical expertise but also have the opportunity to help define the cybersecurity technology, policies and roadmap. This role would suit a Cyber Security Engineer currently working at a senior level in a SOC (Security Operations Centre) environment, or in a less formalised structure but still with expertise in Automation, Threat Hunting, IDS, Incident Response, SIEM, network forensics & host forensics.
Key Responsibilities of a Cyber Security Engineer:
- Use of Python, PowerShell or Bash scripting to simplify and automate the cybersecurity domain.
- Responsible for cybersecurity engineering services, including proof of concept, design, deployment and maintenance of cybersecurity products such as SIEM, IDS/IPS, firewalls, web application firewalls (WAF), Vulnerability Management, Mobile Device Management and Endpoint Security solutions.
- Conducting threat hunting.
- Ownership of the IDS (Intrusion Detection Systems) and Security Incident and Event Management (SIEM) technologies.
- Ownership of wider security technologies, including Anti-Malware, supporting tools and logging.
- Conducting network forensics and host forensics.
- Conducting thorough incident response activities when necessary, alongside proactive monitoring of networks, applications and systems.
The Ideal Candidate:
- Prior experience in a technical Cyber Security Engineer role would be preferable.
- Experience in programming or scripting for tool build and automation.
- Experience with cybersecurity tools and technologies, including IDS (Intrusion Detection Systems), Security Incident and Event Management (SIEM), Anti-Malware, vulnerability scanning, etc.
- Experience in threat hunting would be preferable.
- Experience working in an incident response capacity is necessary (either managed-service incident response or internal incident response is acceptable).
- Experienced in network forensics and host forensics.
- Experience working as part of a CSIRT (Computer Security Incident Response Team), SOC (Security Operations Centre) or Offensive Security Team would be preferable.