Cybersecurity Engineer

About The Position

Requirements

• Bachelor of Arts/Bachelor of Science or equivalent experience
• 2 or more years of related experience
• ITIL v4/v5 Foundation or CompTIA Security+ certification(s) or an ability to obtain one within 90 days of hire
• An ability to obtain and maintain a Public Trust
• Louisiana Residency; living within a commutable distance (approximately 60 mile radius) of the Bossier City facility
• U.S. Citizenship
• Experience with Incident Response Team (IR/IRT) troubleshooting, root cause analysis, and remediation verification
• Knowledge of Identity Management - ICAM/IDAM and authorization, least privilege, and reducing unauthorized elevated access
• Firewall understanding to include basic networking, sub-netting, IDS, NAT, and ACL's
• Exposure to Penetration Test Response and Remediation
• Understanding of Configuration Management - STIG/SCAP compliance baselines for Windows, Mac, Linux
• Network Security and SIEM tool experience (Splunk, et al.)
• Working knowledge of Nessus
• Understanding of continuous integration / continuous delivery (CI/CD) and DevSecOps
• Experience writing threat reports and other management level communications
• Ability to prepare and provide a daily security briefing to customers
• Ability to support a flexible work schedule and handle on-call duties when required
• Ability to learn the following technologies: Palo Alto, Tenable, ServiceNow (ticketing and reporting), Linux, Windows, and Active Directory

Responsibilities

• Development and testing of security solution implementations
• Response and investigation for reported security vulnerabilities and incidents
• Involvement in the SDLC through design, development, testing, and implementation phases
• Develop and document complex correlation logic and behavioral detection signatures (e.g., in SPL or KQL) to be submitted to the SIEM administration team for implementation.
• Involvement in unique research/discovery projects
• Conduct regular "end-to-end" testing of existing SIEM alerts to ensure that border and endpoint telemetry is correctly triggering expected alerts
• Identify visibility gaps in the current SIEM ingestion and build technical justifications/requirements for the SIEM owners to onboard new log sources.
• Development of security policies, processes, standards, and roadmaps
• Implementation of comprehensive security controls consistent with risk
• Development of scripting and basic programming
• Management of application deployment and security architecture
• Involvement with subject area tools and technologies
• Monitoring and reporting on call volumes, alarm responses, and incident reports to ensure appropriate levels of service are met
• Support of annual updates of the incident response concept of operations document
• Support of annual incident response tabletop exercises
• Membership in a 24x7x365 team delivering real time proactive monitoring and maintenance of supported security tools and associated rules and signatures
• Identification and response to incidents to prevent or limit damage to assets, and report incidents
• Detection and analysis of incidents and coordination activities with other stakeholders for containment, eradication, and recovery from incidents
• Development of advanced analytics and countermeasures to protect critical assets
• Support for the production and maintenance standard operational processes and procedures and playbooks for use by all shift personnel
• Support for enterprise-wide management of security incidents, managed network space, to detect, respond, and report all computer related incidents that includes daily
• Monitoring of information systems, vulnerability remediation, intrusion detection, log reviews, and malware tracking
• Assessment, identification, and remediation for issues of the individuals and/or systems affected
• Coordination of the development of reports from the SIEM, NIDS, and HIDS
• Staying up to date with current attack methods and characteristics in order to identify threats and advise on prevention, mitigation and remediation
• Performance of other tasks consistent with the goals and objectives of the department/contract

Benefits

• Growth: AI-powered career tool that identifies career steps and learning opportunities
• Support: An internal mobility team focused on helping you achieve your career goals
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• Flexibility: Full-flex work week to own your priorities at work and at home
• Community: Award-winning culture of innovation and a military-friendly workplace