Infrastructure - Security Remediation Engineer

Computer Enterprises, Inc.
Moorestown, New Jersey, United States
Start Date: Immediate
Work Location: Moorestown, NJ (client open to remote for the right resource)
Job Title: Infrastructure - Security Remediation Engineer

Job Description

We're looking for a Cyber Security Operations Enablement Engineer (Contractor) to help support critical functions of our Cyber Security Operations Center (CSOC). This role is expected to develop and maintain an expert-level understanding of all facets of daily operations, including processes and technology, while developing and on-boarding new SIEM content and tuning detection technologies.

Responsibilities

- Conduct continual analysis of the complete CSOC security toolset, gaining an expert-level understanding of all features along with how they may be most effectively utilized.
- Perform tuning and optimization of security tools and SIEM rules, partnering with other stakeholders within CCS and Comcast technology groups as required.
- Build working relationships with product owners to enable early awareness of new feature pipelines.
- Evaluate all new features for inclusion into CSOC operations.
- Identify opportunities for automation and run associated development efforts.
- Validate completed use cases for SIEM rules and test that rules have been properly implemented.
- Recommend new use cases for SIEM rule creation and log intake.
- Develop and troubleshoot automated playbooks for orchestration tools.
- Create and edit technical documentation and runbooks.
- Participate in cyber security investigations and incident response activities.
- Conduct proactive monitoring as needed in response to company and global events.
- Other duties and responsibilities as assigned.

Experience Required

- At least 5+ years of related experience.
- Proven hands-on experience building and managing Splunk use cases and content driven from customer requirements.
- Solid technical understanding of common log formats and source designs, along with subject-matter expertise in Splunk and Splunk Enterprise Security.
- Experience configuring, tuning, and evaluating the efficacy of key security tools, including but not limited to firewalls, VPNs, proxies, endpoint protection, DLP, CASB, SIEM, anti-malware, and forensics.
- Familiarity with scripting languages such as Bash, Python, and/or PowerShell.
- Experience with major automation technologies such as Ansible, Puppet, and/or Chef.
- Demonstrated experience with Microsoft Windows and Unix operating systems, including command-line tasks and scripting.
- Expertise in conducting security assessments and configuration of major public/private cloud services.
- Understanding of the MITRE ATT&CK framework, along with experience applying it across various security processes.
- Advanced knowledge of computer networking concepts and protocols, along with experience conducting network traffic and packet-level analysis.
- Knowledge of advanced cyber threats and attacker methods, including corresponding tactics, techniques, and procedures (TTPs).
- Understanding of common types of attacks and vulnerabilities, including CVSS, OWASP Top 10, and CWE.
- Demonstrated ability to understand and assess security risk.
- Knowledge of incident response and handling methodologies.
- Superior technical writing, presentation, and organizational skills.
