Cyber Security Engineer
Company | AAA Club Alliance |
---|---|
Location | Columbus, OH, USA, Wilmington, DE, USA, Cincinnati, OH, USA |
Salary | Not Provided |
Type | Full-Time |
Degrees | Bachelor’s |
Experience Level | Senior |
Requirements
- Bachelor’s degree in Information Technology, Information Systems, or Cybersecurity required.
- Cybersecurity certification (i.e., CompTIA Security+, SSCP, GSEC, CISSP, GCIH, GCED, OSCP, or CEH) strongly preferred.
- Minimum 5 years of experience in information technology or closely related field is required.
- Minimum of 2 years of experience with systems security and/or control frameworks such as NIST CSF, CIS, PCI-DSS, HIPAA strongly preferred.
- Proficient with Security Information and Event Management (SIEM), endpoint protection (antimalware), endpoint detection and response (EDR, MDR, XDR), email security, phishing testing, endpoint, web, and network firewall ports and protocols, privileged access management, data loss prevention, web filtering, vulnerability scanning, encryption, configuration management, multifactor authentication, micro-segmentation, zero trust, intrusion prevention (IPS), intrusion detection (IDS).
- Proficient with MITRE ATT&CK Framework; Cyber Kill Chain methodology; industry standard penetration testing frameworks such as PTES and NIST.
- Strong analytical skills with the ability to interpret and present data.
- Able to translate highly technical knowledge to business partners without a technical background.
Responsibilities
- Implement, administer, and maintain security systems in areas such as endpoint protection, endpoint detection and response, privileged access, email security, data loss prevention, etc.
- Monitor data and information, technology systems, and/or networks to identify, analyze, and mitigate risks.
- Review vulnerability assessments on endpoints, servers, and network devices and advise on risk level adjustments for remediation prioritization.
- Instruct staff on attack paths and assist with identifying compensating controls if patching cannot occur in a timely manner.
- Collaborate with IT staff on the implementation and maintenance of configuration management benchmarks.
- Resolve incidents in queue from the IT Service Desk and/or instant message outreach.
- Monitor and respond to after-hours alerts and incident response.
- Perform risk assessments and evaluate system security configurations.
- Perform planned and ad-hoc threat hunting using Security Information and Event Management (SIEM) and available toolsets to identify and remediate security threats.
- Execute incident response in coordination with business partners and technical teams.
- Identify network computer intrusion evidence and perpetrators.
- Perform initial forensic analysis of digital information and gather and handle evidence.
- Resolve complex malware and intrusion issues.
- Contribute to the design, development, and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations.
Preferred Qualifications
- Cybersecurity certification (i.e., CompTIA Security+, SSCP, GSEC, CISSP, GCIH, GCED, OSCP, or CEH) strongly preferred.
- Minimum of 2 years of experience with systems security and/or control frameworks such as NIST CSF, CIS, PCI-DSS, HIPAA strongly preferred.