Cyber Security Engineer

Posted 21 Days Ago
Hiring Remotely in Ashburn, VA
Remote
Junior
Information Technology • Consulting
The Role
The Cyber Security Engineer will focus on endpoint security and threat intelligence. Responsibilities include responding to security events, managing remediation actions, conducting threat hunting, and maintaining security posture with VMware Carbon Black Cloud. The role requires in-depth analysis of potential threats and incident management in a 24/7 environment.
Summary Generated by Built In

Company Description


Arthur Grand Technologies (www.arthurgrand.com) is in the business of providing staffing and technology consulting services. We have doubled our revenue year over year for the past 5 years. This speaks to the long-lasting relationships and customer satisfaction that we have built in this short span of time. Our company is managed by a team of professionals who worked for big 5 consulting firms for 20+ years.

We are a minority-owned staff augmentation and technology consulting company.
To keep our valued employees, we need to keep them engaged in challenging, interesting work, offer market-relevant benefits and provide continued opportunities for professional growth.


Job Description


Role: Cyber Security Engineer

Location: Everett, WA (remote during Covid)

Duration: FTE

Looking for a junior candidate with 6+ years of experience.

Cyber Security Engineer – Endpoint Security and Threat Intel: (6+ years)

• EDR, CompTIA Security+, Carbon Black PSC, Proofpoint, Threat Hunting, Splunk, Endpoint Security

General Summary:

The security engineer is tasked with conducting the technical aspects of response operations for critical events escalated by the SOC. This includes immediate containment, investigation and management of remediation actions, as well as enhancing defenses with the knowledge acquired throughout the response process.

Roles and Responsibilities:

• Expert-level knowledge of VMware Carbon Black Cloud EDR, hands-on experience using its Live Response capabilities, and good exposure to threat hunting.

• Strong technical skills in VMware Carbon Black Cloud sensor rollouts and upgrades.

• Strong technical skills in analysis and information gathering related to potential malicious code artifacts in a safe, secure manner.

• Demonstrated ability to analyse ongoing situations for the potential of a malware-related security incident.

• Build business-as-usual (BAU) operations around VMware Carbon Black Cloud and create an incident response process for its detections.

• Maintain and improve VMware Carbon Black Cloud policies and Endpoint Protection detections.

• Maintain security posture through strong configurations and watchlist reports, and help the SOC monitoring team understand them.

• Plan and lead process improvement initiatives tailored to improve overall VMware Carbon Black Cloud detections.

• Analysing potentially malicious programs and software using a variety of tools to identify indicators of compromise (IOCs) that can be used in protective security systems.

• Responsible for monitoring sources that identify zero-day threats and working to protect against them.

• Responsible for threat hunting using a variety of available sources and tools.

• Carry out in-depth investigations of security events, raise incidents and support the incident management process with 24/7 support.

• Provide remote incident response activities and advice to support customers during and immediately after security incidents.

• Independently follow procedures to identify, contain, analyse, document and eradicate malicious activity.

• Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.

• Escalate information regarding intrusion events, security incidents, and other threat indicators and warning information to the client.

• Track trends and configure systems as required to reduce false positives and distinguish them from true events.

• Experience and expertise in all modules of Proofpoint Email Security (PPS, TAP, TRAP, Isolation, EFD).

• Experience in analysing phishing/spam/imposter/malware emails.

• Regular clean-up activities, ensuring that legacy configurations are updated as necessary.

• Creating custom blocklists in Proofpoint TAP for the associated malware or imposter emails.

• Integrating, upgrading and automating operations in Proofpoint TRAP.

• Work with the O365 team during Proofpoint configuration changes for the security module.


Additional Information


Knowledge, Skills, and/or Abilities Required:

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.

• 6-8 years of experience in cyber security and threat intelligence, all-source threat intelligence analysis and malware analysis, and fully versed in the malware behavior lifecycle. 4+ years in an information security antivirus/anti-malware/EDR or malware analysis role.

• Excellent communication skills, both oral and written, with various audiences; mature, confident, assertive communication style.

• Strong knowledge of cyber security incident response processes and procedures.

• In-depth knowledge of the security threat landscape.

• Understanding of contemporary scripting languages such as Python, and familiarity with application programming interfaces (APIs) as a delivery method for indicators and intelligence.

• Flexible to work in a 24/7/365 Security Operations environment.

• Attention to detail, but with an ability to understand the big picture view and understand when projects or efforts have conflicting objectives.

• Knowledge of data communication concepts and technologies, specifically email, networking, and enterprise security.

• Knowledge of various security methodologies and processes and technical security solutions.

• Knowledge of investigation techniques to determine security incidents.

• Hands-on experience in event and log analysis on endpoints.

• Excellent organizational skills, ability to prioritize and manage multiple tasks.

Product experience:

EDR (Carbon Black highly preferred; CrowdStrike Falcon, SentinelOne, etc.)

Email Security (Proofpoint PPS, TAP, TRAP, Isolation, EFD, etc.)

SIEM (Splunk Enterprise, IBM QRadar etc.)

Certifications:

Required: CompTIA Security+

Preferred: ISC2, Microsoft, EC-Council, etc.


Top Skills

Security+
VMware
The Company
HQ: Ashburn, VA
135 Employees
On-site Workplace
Year Founded: 2012

What We Do

Arthur Grand Technologies, an SBA-certified 8(a) firm, offers a broad range of Technology and Business Consulting services to federal and commercial customers. From strategy to execution, our disciplined yet flexible approach starts and ends with our clients. By listening hard and working harder, client goals become our goals. Their success is our satisfaction. Our associates have significant business, engineering, and technology expertise.
