Cyber Security Engineer

About The Position

Requirements

• You have at least 3+ years experience in an endpoint security, network security, or general security-focused IT support role
• BS in Computer Science or Information Security preferred
• Experience with planning, researching and developing security policies, standards and procedures
• Experience working within ITIL frameworks with specific knowledge of Change Management standards and procedures
• Proven experience with the following:
• Windows administration
• Active Directory and Group Policy
• Management of firewall hardware platforms
• Applications used for network management and/or monitoring
• Security orchestration and automation tools and technologies
• Server/client communications, data center architecture, and network topology
• Proven experience with incident response technologies and methodologies
• Knowledge of configuration and operation of the Windows/Linux Operating systems.
• Application whitelisting and enterprise anti-malware (Configuration/management/rule writing)
• SIEM log analysis and correlation
• Ability to analyze forensic and static malware
• Must have strong research/analysis skills
• Demonstrated ability to create complex scripts, develop tools, or automate processes
• Ability to work independently as well as with a team.
• Ability to work in a fast-paced environment, performing multiple duties/tasks within defined deadlines.
• Proven experience identifying problems of varying complexities and finding effective solutions with few guidelines.
• Responsive to the needs of customers internal and external.
• Sense of urgency and commitment with strong follow up skills.
• Proven precision and attention to detail with a high level of accuracy.
• Demonstrate a professional and positive attitude in all internal and external customer interactions.
• Excellent interpersonal skills, written and verbal communication, and listening skills.
• Self-driven and motivated individual with excellent planning and organizational skills.
• Display proficiency with Microsoft Office Word, Outlook, PowerPoint, etc.

Nice To Haves

• Understanding of the MITRE ATT&CK framework preferred
• Security certifications (ex: GSEC, OSCP, CISSP, Security+) is a plus

Responsibilities

• Identify, validate, and remediate security vulnerabilities detected in The McPherson Companies corporate infrastructure and endpoints
• Support and monitor The McPherson Companies current endpoint and network security platforms (HIPS, HIDS, on-premises firewalls, Anti-Virus/Anti-Malware, Email security, Mobile Device Management, etc.)
• Support and monitor the external outsourced SOC platform.
• Assist IT staff in the procurement, testing, implementation, and configuration of new security controls
• Assist IT staff in updating and security patching to corporate infrastructure and endpoints
• Assist with responding to, and managing, any Security Information Gathering (SIG) questionnaires, any required compliance audits and/or maturity assessments from 3rd parties.
• Educate end users on cybersecurity best practices and manage our cybersecurity awareness training and phishing assessment programs
• Compile reports as needed detailing current operational status of security measures utilized by company
• Investigate potential security violations and breaches and provide recommendations to management.
• Perform analysis to determine root causes of any incident
• Assist IT staff in testing and updates of the Business Continuity Plan
• Assist with the design, development, documentation, and enforcement of new and existing information security processes, procedures, and policies
• Provide computer system audits to ensure the highest level of security and data protection
• Maintain up-to-date knowledge on current security practices and tools