Cyber Security Engineer

About The Position

Requirements

• Security+ or higher certification required.
• Two plus years of experience managing systems and or networks.
• Strong experience with corporate antivirus/antispam, security, and backup solutions.
• Strong knowledge of VMware and virtual environments.
• Strong knowledge of Active Directory, Group Policy, and PowerShell scripting.
• Knowledge of enterprise network security fundamentals: TCP/IP, DNS, DHCP, routing/switching, segmentation, VPNs, NAT, and secure network design.
• Hands-on enterprise firewall experience (NGFW preferred): building and troubleshooting rules, NAT, VPN tunnels, content filtering, threat profiles, logging, and policy optimization.
• Experience with IDS/IPS and/or enterprise network detection concepts (signatures, anomaly detection, tuning, false-positive reduction).
• Knowledge of switching and routing, including secure configuration practices.

Nice To Haves

• Systems Engineer/Systems Administrator/Network Administrator experience preferred

Responsibilities

• Serve as an escalation point for SOC Analysts by providing technical guidance and support on complex security investigations.
• Help define, document, and improve SOC processes and procedures to ensure consistent, high-quality security operations.
• Provide recommendations to leadership and customers to strengthen security posture, reduce risk, and improve resiliency.
• Partner with internal teams, clients, and vendors to drive resolution of high-priority security issues and coordinate security initiatives.
• Uphold and exemplify Acture’s Core Values: Accountability, Customer First, Trust, Integrity, Opportunity, Nurturing Positive Culture & Fun.
• Investigate and determine root cause of all security alarms no matter the level of threat. Provide references to the research related to the conclusion.
• Own and support customer network security posture across perimeter, internal network, and cloud connectivity, ensuring confidentiality, integrity, and availability.
• Assess, deploy, monitor, manage, and maintain network security controls including next-gen firewalls (NGFW), IDS/IPS, web filtering, VPN concentrators, WAF (where applicable), and security appliances across customer environments.
• Configure, harden, and validate firewall policies (least privilege, object/group standards, rule lifecycle management), including NAT, geo/IP reputation controls, application control, SSL inspection (where approved), and logging requirements.
• Knowledge of secure network segmentation (VLANs, ACLs, inter-VLAN routing controls) to limit lateral movement and isolate critical assets (servers, backups, OT/IoT, guest/wireless).
• Knowledge of secure remote access including site-to-site VPN, client VPN, MFA integrations, certificate-based authentication, and conditional access alignment.
• Monitor and analyze network telemetry across environments using SIEM/XDR/NDR tools; triage and investigate alerts related to network-based threats (command-and-control, beaconing, lateral movement, brute force, anomalous authentication, DNS abuse).
• Scan for vulnerabilities and misconfigurations affecting network and perimeter systems (firewalls, switches, routers, wireless controllers, VPNs); coordinate remediation across systems, tools, and customer technologies.
• Investigate and remediate threats, including performing incident response tasks as part of the Incident Response Team; execute containment actions such as blocking malicious IPs/domains, disabling compromised accounts, isolating hosts, and tightening access paths.
• Maintain accurate documentation of work performed and customer security environments, including network diagrams, firewall policy standards, segmentation maps, and change history.
• Communicate directly with customers daily—review reporting and clearly explain network security needs, findings, and recommendations (risk-based, business-friendly language).
• Support the day-to-day operation of customer infrastructure and serve as a point of contact for executives, vendors, and internal teams as needed; coordinate with ISPs/carriers during outages or security events.
• Participate in an after-hours on-call rotation and incident response coverage as required, including critical perimeter events (active exploitation, DDoS indications, VPN compromise, widespread malware).

Benefits

• medical
• dental
• paid holidays
• sick time
• generous DPTO