Security Engineer (CyberOps) in Alpharetta, GA at HUNTER Technical Resources

Date Posted: 4/30/2020

Job Description:
The Cyber Operations team is currently looking for a talented and motivated security engineer to support our comprehensive efforts to detect and respond to emergent cyber-threats. You will work in a fast-paced, highly dynamic and challenging, globally diverse environment.

The successful candidate will lead teams focused on network and cloud countermeasures to improve detection and response. You will work with various teams across the organization, and around the world, to support various aspects of cyber detection and response.

Responsibilities:
  • Creation of custom network IPS signatures, YARA rules, and detection rules for cloud platforms.
  • Improve visibility into encrypted traffic and ensure countermeasures are functioning to provide security to the company as expected.
  • Creation and implementation of custom Proxy, HIPS, NIPS, and/or DLP rule sets in order to further protect the enterprise.
  • Work with the SIEM team to create and implement custom alerting rules in the SIEM for review and investigation.
  • Review proposed firewall, proxy, and other network infrastructure changes to determine the most restrictive rules, while still fulfilling the needs of the business.
  • Demonstrate sound IT knowledge to identify and respond to common attacks through common vectors and methods, with support from senior team members as needed.
  • Implement technical responses to identified Indicators of Interest in security tools related to cyber-attacks, to aid in blocking or alerting on future activity.
  • Gather structured data for the purposes of metrics and reports.
  • Describe and document system functionality, problem areas, and feature gaps in new and existing analytical tools.
  • Actively attempt to enrich team value by sharing knowledge.
  • Available to solve and address security events of interest or incidents on an as-needed / on-call basis.
Requirements:
  • Solid experience and knowledge of tools used for network security (NIPS, HIPS, AV, firewalls, etc.)
  • Experience in signature development (IPS, YARA, A/V, etc.)
  • Scripting and coding experience (bash, PowerShell, Python, etc.)
  • Experience with open source tools (Security Onion, Moloch, Elasticsearch, etc.)
  • Solid understanding of *nix and Windows operating system functionality
  • Superb analytical, documentation, and communication skills are highly desired
  • Experience developing and proposing technical solutions for complex problems
  • Experience in in-depth evaluation of disparate data sources (trends and reporting)
  • Experience in system testing and use case development in support of highly technical customized applications
Education & Other Requirements:
  • B.S. in Computer Science/Engineering or a similar technical degree program, or equivalent experience
  • 5+ years of experience in operational security, incident response, and/or forensics
  • Personal interest in Cyber/Information Security