Cyber Security Engineer

Forrester | Cambridge, MA
1d | $82,000 - $134,000

About The Position

At Forrester, we’re trusted to work on trailblazing, mission critical problems that business and technology leaders face today. That’s why we’re always looking to empower talented individuals to perform at their best every single day. We’re proud of our community of smart people and vibrant voices who come together to do what’s right by our clients and each other. Our success is driven by curiosity, courage and customer obsession. The confidence and drive to be bold at work. Join us and build an extraordinary future.

About This Role

The Cyber Security Engineer (CSE) will perform ongoing cyber security operations tasks and help engineer and maintain security solutions across the enterprise. The CSE will improve Forrester’s cyber security posture by responding, both proactively and reactively, to security incidents, data breach incidents, phishing attempts, malware attempts, and compromises of system availability by monitoring and analyzing logs and alerts from different log sources. The CSE will perform threat and vulnerability analysis on Forrester IT infrastructure, including cloud networks in AWS and Azure. The CSE will investigate and respond to incidents, escalating as necessary. The CSE must stay current with emerging cyberthreats through security bulletins, external peer groups, and information security circles. The knowledge the Cyber Security Engineer gains will contribute to the improvement of security controls to address events ranging from intrusions, malware, WAF management and DDoS to unauthorized access, insider attacks, and loss of proprietary information.

Requirements

  • Postgraduate/graduate with cybersecurity major and passion for cybersecurity.
  • Interest in network, host, and cloud-based security, attack techniques, analysis, and investigation.
  • Can understand and write search queries or analytics for popular SIEM solutions.
  • Understanding of a variety of logs coming from cloud, network or endpoint devices, including logs from AWS and Azure.
  • Knowledge of cloud security monitoring and advanced cloud log analytics.
  • Strong curiosity and ability to continuously question every process and technology to identify security risk and provide mitigations.
  • Passion for vulnerability, intrusion, and incident assessment, remediation, and management.
  • Knowledge of security technologies (e.g., AV, IDS/IPS, NGFW, SIEM, WAF, DLP, encryption certification management and malware analysis and protection), with a commitment to keep current with the latest developments in this field.
  • Experience in identity management/authorization and authentication (e.g., SSL, IPSEC, PKI, SAML, Kerberos, LDAP).
  • Strong familiarity with Windows or Linux OS (preferably both).
  • Strong analytical and troubleshooting skills driven by a logical, methodical approach.
  • Someone who is transparent and open to feedback.
  • A sense of urgency without sacrificing quality.
  • A collaborative team player with high standards and ethics.

Responsibilities

  • Analyze network traffic (including cloud networks AWS and Azure); flow logs; audit logs; DNS logs; server logs (including web servers, load balancers, proxies, etc.); and OS and application logs to identify compromised systems, identify denial of service attacks, and pinpoint resource abuse.
  • Perform secure code reviews of multiple coding languages/platforms.
  • Conduct complex investigations and deep analysis of security events focused on rapid containment, remediation, and mitigation.
  • Detect, triage, analyze, and respond to cyberattacks and other malicious activities such as intrusion attempts, DDoS, malware distribution, phishing attacks, etc., originating from or targeted toward Forrester.
  • Apply insight and expertise to examine malicious code (malware), attack vectors, network communication methods, analyze threats against target systems and networks, and determine vulnerabilities.
  • Proactively hunt threats, conduct blue teaming, and perform exploit and vulnerability research, all to find and close loopholes exploited by bad actors.
  • Locate trends in abuse/attack vectors, communicate with leadership to apprise them of the extent, and suggest appropriate product changes to prevent future occurrences.
  • Contribute to designing, implementing, and managing security incident and vulnerability management and reporting.
  • Develop technical solutions to help mitigate security vulnerabilities and automate tasks to increase operational efficiency.
  • Design and establish continuous monitoring programs using cybersecurity monitoring, vulnerability scanning, and intrusion detection and management tools.
  • Identify opportunities to improve the quality and resiliency of the company’s systems and applications.
  • Research and recommend solutions to improve the company’s security posture on-premises and in the cloud.
  • Partner with operations and infrastructure engineering teams to implement and tune security monitoring, tooling, and reporting.