Consulting Engineer (Cybersecurity)

Role Context : The role of Engineering Consultant (EC) represents a hybrid between a traditional consultative position and that of a software engineer.

The EC leverages technical expertise to increase client security posture, deliver client satisfaction, and continually improve upon the client’s existing service(s).

The EC is responsible for acting as a service representative and trusted advisor to the client, understanding their specific needs and pain points.

Their technology and security know how, alongside their intimate understanding of the client, allow for them to deliver an unparalleled level of customization to the client.

Job Description : Engineering Consultants are responsible for the following activities :

• Day to day system operations, including health checks and required maintenance.
• Learning the client’s environment and acting as a remote advisor.
• Consulting with the client on general and specific security recommendations in relation to their systems.
• Creation of new use cases to address client needs and / or zero day activities.
• Creation of new reports to address client needs.
• Creation of new dashboards as required to monitor specific threats and / or activities.
• Tuning and updating of use cases, reports, and dashboards to reduce the level of false positives being detected.
• Interacting with the SOC to understand current threat trends, and incidents relating to the client.
• Supporting client through audits and / or supplemental investigations if needed.
• Host daily, weekly, and / or quarterly calls with client and other stakeholders.
• Troubleshoot issues relating to the SIEM solution and work with the vendor as needed.
• Integration and validation of new log sources into the solution.

Requirements :

• 4-year degree, or progressive technical work experience in the information security field with a preference given to SIEM technologies.
• SIEM technical knowledge, specifically around Splunk, LogRhythm, Q-Radar, or Securonix.
• Federal and regulatory compliance knowledge, such as PCI-DSS, NIST, SOX, HIPAA, etc.
• Experience managing perimeter security technologies, including tuning and monitoring.
• Thorough understanding of TCP / IP and networking
• Good understanding of various firewall technologies, including Cisco, Palo Alto, Juniper, etc.
• Windows server and *NIX OS builds and configurations, including system auditing and policies configuration.
• Working knowledge of Active Directory, GPO administration, security and audit policy configuration.
• Understanding of Microsoft SQL, Oracle, and other database technologies.
• Basic understanding of PowerShell a plus.
• Basic understanding of REGEX a plus.
• Relevant industry certifications, . CISSP, Security+, Network+, MCSE, etc.

LI-JM1