Security Engineer/Analyst Jobs

Part Time

About The Role

As a Security Engineer/Analyst, you will be responsible to help verify firewall/UTM configurations against best practices, use tools, track SIEM alerts and help prioritize, communicate, and remediate issues, build detailed IR runbooks for existing security protocols and processes.

A Security Engineer/Analyst continuously detects, analyzes and combats advanced threats. In addition to cybersecurity engineering responsibilities, the job role includes detecting vulnerabilities and mitigating associated cybersecurity risks. The analyst will also work with key security consulting stakeholders to improve security defenses to help fit home-grown assessments into a CIS18 framework.

Responsibilities

In this role, you'll get to

• Do cybersecurity configuration changes, based on best practices.
• Review, administer, track, and escalate potential threats that occur and recur generated from various detection sources.
• Evaluate, suggest ideas, and improve current operational security processes, orchestration, response platforms and report generation by automation to improve operational efficiency.
• Make predictions for the future and eliminate current vulnerabilities.
• Organize and analyze the collected data to determine trends in the security environment of the organize and analyze the collected data to determine trends in the security environment of the organization.

Requirements

On day one, we'll expect you to

• Endpoint Detection and Response (EDR) tools - These tools are designed to detect and respond to threats on individual endpoints such as laptops, desktops, and servers.
• Have at least 3+ years of experience with incident response, security operations, malware analysis, developing custom detection in a variety of security appliances or threat hunting
• Must have basic proficient skills/knowledge in some of the following:
• Have minimum 2+ years of cybersecurity engineering experience
• Be willing to work in US Pacific Time (8:00am-5:00pm PDT)
• Security Information and Event Management (SIEM) tools - These tools are used to collect and analyze security event data from multiple sources to identify potential threats.
• Network Traffic Analysis (NTA) tools - These tools analyze network traffic to identify and investigate potential security threats such as malware, unauthorized access, and data exfiltration.
• Experience building IR (Incident Response) Run books
• Have a fully functional and up-to-date computer with which to perform duties
• Possess effective oral and written communication, issue resolution, negotiation. Critical thinking and troubleshooting skills with a focus on analytical capabilities
• Have stable high-speed internet >100 Mbps
• Be a current resident of the United States and can perform work from there
• Vulnerability Scanners - These tools scan networks and systems for known vulnerabilities that could be exploited by attackers.
• Experience with BPA (Best Practices Assessment)
• Experience with UTM/ Firewall technologies, preferably Palo Alto
• Be willing to install next generation end point protection on the computer

Nice to have:

• At least a working knowledge of the Cobalt IO
• An intimate knowledge of Tenable, and CrowdStrike

Note:

• This is a remote (work from home) position.
• Temporary, Part-time position. Initial contract is (12 hours per week for 13 week duration)