Cyber Security Operations Engineer III

Brickred Systems
TX, United States
Full-time
Description :

POSITION TITLE : Security Operations Engineer III - Network and Perimeter Security

WHAT YOU WILL BE DOING :

As a Network Security Engineer III, you will play a pivotal role in our organization's cybersecurity efforts. You will be responsible for leading and executing complex cybersecurity operations and incident response initiatives to safeguard our systems and networks against advanced threats.

Working closely with cross-functional teams, you will provide expert-level guidance to junior analysts and other teams within the organization.

PRIMARY DUTIES AND RESPONSIBILITIES :

Review proposed change requests to rules or policies for firewalls, router access control lists, IPS, and proxies.

Perform regular reviews or audits of deployed rulesets to identify drift from baseline.

Serve as the primary point of contact in reviewing threats and vulnerabilities and ensuring servers and firewalls are properly configured and managed.

Monitor and address security incidents, implementing measures to enhance incident response and resolve security issues.

Perform triage of potential security incidents in accordance with the SOC (Security Operations Center) case handling procedures, alert handling procedures, and customer-specific procedures.

Mentor and provide guidance to junior network security engineers.

Perform continuous improvements on services by identifying and correcting problems and gaps in knowledge and document materials.

Participate in on-call rotation (including weekends) to ensure continuous operations.

EXPERIENCE, SKILLS AND EDUCATIONAL REQUIREMENTS :

Must have :

A Degree in Cybersecurity, Network Engineering, Computer Science, Information Systems or other related field, or equivalent work experience

5-7 years of combined IT and Network security work experience with a broad range of exposure to cybersecurity functions.

Profound knowledge of network security principles and best practices.

Ability to analyze network communication flows (based on Wireshark traces or firewall logs)

In-depth knowledge of network protocols (TCP / IP, LAN / WAN, Routing, HTTP, DNS, SMTP)

Extensive hands-on experience and proficiency performing network security investigations with the following security tool categories: firewalls, network IDS / IPS solutions, switch / router ACLs, Network Access Control solutions, proxy servers and Secure Web Gateway, SIEM, EDR, Email Security Gateway, SOAR, anti-virus.

Deep understanding of cyber security industry frameworks (e.g. MITRE ATT&CK, D3FEND, NIST, Cyber Kill Chain, etc.)

Excellent written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English

Experience in leading major incident breach response activities.

Ability to develop new operating procedures and runbooks and to follow existing ones

Highly skilled in technical incident report writing and maintenance of document and evidence repositories

CCNA, CCDA, CCNP, or Network+ certification required.

Nice to have :

Fluency in other languages, i.e. Turkish, Spanish, French, Lithuanian.

Security certification (i.e. Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH), or equivalent)

Expertise in one or more of the following functional areas : Digital Forensics, Threat Hunting

Experience in developing network security tabletop scenarios

Experience in Python, PowerShell, Bash or any other scripting languages

Prior experience in developing detection rules and SOAR playbooks

Additional Details

  • Business Need : Increase in Workload
  • Does the position allow for the worker to be virtual / remote? : (No Value)
  • Work Hours : CST M-F 8am-6pm
  • Have you already identified a candidate? : No
  • If yes, please provide candidate and supplier name : (No Value)
  • Client System / Network Access Required? : Yes
  • Company Code : 8071 Shared Services
  • LASH Program Name : *N / A

Savita Kumari

Brickred Systems

savita @brickredsys.com (business)

12 hours ago