TITLE: Senior Cyber Security Fusion Center Engineer
DIGITALWARE, INC. OVERVIEW
Digitalware is a catalyst for the revolution in how organizations understand risk, both cyber and physical. Digitalware coined the term "risk hunting" as a way to describe the process of how organizations find, understand, and mitigate holistic risk within their environments.
Digitalware's Epiphany Intelligence Platform is a data context engine, ingesting and analyzing a wide range of IT, security, and threat data. Epiphany helps security professionals understand and mitigate business risks quickly and easily, before they lead to adverse impacts.
Built by leading offensive security and data science experts, our algorithms hunt through a customer's existing security and IT infrastructure to ensure no risk is left undiscovered. We are looking for individuals to join this global fight to protect people, assets, and data.
Founded by leading experts with decades of experience in Cyber Security, IoT, ICS, and Systems Integration, Digitalware has one fundamental principle - to secure a thing, you must know a thing.
Senior Cyber Security Fusion Center Engineer
Digitalware is seeking an enthusiastic and motivated individual to provide Managed Cyber Security Services for our valued customers. As a key member of the Digitalware team, you will be part of an integral and elite group that is dedicated to protecting system resources from cyber-attacks and other online threats that could have devastating consequences for millions of end users.
Successful candidates will be able to demonstrate foundational Network Security and System Administration with advanced understanding of Endpoint Protection, Threat and Vulnerability Management, Security Automation, and Security Analysis.
- Analyze security event data from security analysts, customer platforms, network elements, and security devices.
- Generate and maintain operational process and training documentation.
- Provide input to improve our products and services to add value for our customers and shareholders.
- Perform health checks and optimization activities on relevant security technologies or systems.
- Deploy and manage endpoint security technologies, including CrowdStrike, McAfee, and Microsoft Defender.
- Maintain awareness and understanding of emerging security technologies, AV, threat and vulnerability management, and network monitoring methods and tools.
- Provide risk and compliance analysis across common security standards and frameworks, such as NIST CSF, CIS CSC 20, and CMMC, to name a few.
- Assess current assets and provide enhancement suggestions and remediation efforts when applicable, as defined by SLAs.
- Assess information security risk and facilitate remediation of identified vulnerabilities for IT security and risk across the enterprise. Report on findings and provide recommendations for corrective action.
- Manage IT security and risk (e.g., data systems, network, and web) across the enterprise. This includes Advanced Threat Detection, Privileged Access Management, Vulnerability Management, Endpoint Security, and SIEM.
- Serve as lead on information security projects.
- Provide guidance and best practice recommendations for IT security policies, procedures, and standards that meet standard and regulatory requirements.
- Interact with project teams to provide advice on security and assist with compensating control alternatives where security requirements cannot be met.
- Ensure endpoint agents are up to date and fully in compliance with client requirements and policies.
- Other, as needed.
8+ years of I.T. experience.
6+ years of Cyber Security experience.
4+ years managing security endpoints.
Endpoint and Mobile device management security.
In-depth understanding of endpoint detection and response technologies in one or more of the following: SentinelOne, Cylance, Microsoft ATP, and CrowdStrike.
Threat and Vulnerability Management.
Knowledge of McAfee endpoint security desired.
SIEM experience, including implementation and initial tuning, in one or more of the following: Splunk, Azure Sentinel, Elastic SIEM, Chronicle, or Devo.
General network security and troubleshooting knowledge.
Scripting knowledge (PowerShell, Python, Ruby, Go), preferred.
Passionate about security optimization and recommending new tools/technologies.
Experience migrating and upgrading endpoint security solutions.
Advanced Microsoft, macOS, and Linux operating systems experience.
Malware and Threat analysis.
Certifications a plus: CEH, CRISC, CISA, CGEIT, CISSP, CIPP, GMON, GHIA, GCIH
Bachelor's Degree (Math, CS, and Engineering), preferred
Digitalware offers a competitive compensation and benefits package, including health, vision, dental, disability, life insurance, commuter benefits and 401(k) plan, as well as a customized talent roadmap which provides you with the training and certifications you need to succeed and grow.
Digitalware is an equal opportunity employer. We value diversity and make employment decisions based on individual qualifications, job requirements, and business needs. Digitalware is an E-Verify employer and complies with all laws and regulations related to verifying employment eligibility.