INFORMATION SECURITY ENGINEER I
Company: Skiltrek
Location: Broomfield
Posted on: May 21, 2023
Job Description:
MEDR Security Engineer I
As an Endpoint Detection and Response (EDR) Engineer you will help
design, deploy, configure, optimize and validate next-generation
endpoint security solutions for customers. You'll work with in-house
teams to identify the right mix of tools, techniques and procedures
to translate our customers' needs and future goals into a plan that
will enable secure and effective solutions. In determining the best
solutions you will investigate new techniques, break free from the
legacy model and help customers exceed industry standards. As a
team we'll take a critical approach to solution design, identifying
gaps, providing alternatives and customizing solutions to maintain a
balance of security and business needs. This position is open to
remote delivery anywhere within the U.S., including the District of
Columbia.
We are looking for a Security Operations Engineer to join the Lumen
Managed Security Services Operations Team. Security Operations
Engineers are expected to handle customer-facing investigations,
mentor and train fellow engineers, and interact with customers and
other teams through email or phone.
Primary Duties
- Triage alerts and determine if further investigation or action
is required by the customer
- Assist customers with the investigation and response of
incidents throughout the incident response process
- Perform investigations of customer requests and be able to
provide further contextual information along with recommended
actions
- Proactively threat hunt using network and host data within
customer environments
- Mentor junior engineers
Required Qualifications
- Ability to obtain Government Suitability Clearance is required.
- 1 year of experience supporting enterprise EDR solutions,
including Carbon Black EDR, SentinelOne, FireEye HX, McAfee,
Tanium, etc.
- 1 year of experience working in a Security Operations
Center (SOC) environment, leveraging EDR tools (CrowdStrike Falcon is a
plus) to support incident response, vulnerability scanning, threat
hunting, network monitoring, log management and compliance
management activities
- Experience with deployment of an EDR solution in a customer
environment
- Ability to produce deliverables including written
reports and technical documents, SOPs and configuration guides, and
training and briefing materials
- Ability to analyze packet captures/data and logs to perform
incident response and identify potential compromises to customer
networks
- Solid understanding of the TCP/IP protocol suite,
security architecture and common TTPs (tactics, techniques and
procedures) used by threat actors
- Experience analyzing both log and packet data in a SIEM (RSA
NetWitness, Azure Sentinel, Splunk, etc.)
- Understanding of incident response methodologies and
reporting
- Experience using ticketing systems for tracking (JIRA, Remedy,
ServiceNow, etc.)
- Strong verbal/written communication and interpersonal skills
are required to document and communicate findings, escalate critical
incidents and interact with customers
Preferred Qualifications
- Experience with triaging security events in a SOC environment
and leveraging data collected from enterprise security
solutions
- Experience providing support in a Tier I or II IT
operations and maintenance role, including ticket work, information
updates, issue responses and remediation
- Knowledge of federal information security policies, standards,
procedures, directives, frameworks, federal security authorizations,
and assessment and risk management processes for enterprise
systems
- Ability to integrate cybersecurity data using enterprise or
custom tools, including data aggregation and analysis tools such as
Splunk
- EDR vendor certification (CrowdStrike Falcon) is a plus
- Experience performing triage/incident response in enterprise
environments
- Experience performing forensic analysis of logs and packet
captures to identify malicious artifacts
- Higher-level security certifications: CEH, GCIH, GCFA, GCFE, GCTI,
GCIA, GREM, GPEN, GNFA, OSCP
- Research background and an analytical approach, especially with
respect to event classification, event correlation and root cause
analysis
- A mentoring/leadership background, including mentoring other
analysts and orchestrating team efforts for problem
solving
- Ability to manage projects to completion, both individually and
in a group
- Possession of excellent written and verbal communication
skills
- Bachelor's degree
Benefit packages for this role will start on the 31st day of
employment and include medical, dental, and vision insurance, as
well as HSA, FSA, and DCFSA account options, and 401k retirement
account access with employer matching. Employees in this role are
also entitled to paid sick leave and/or other paid time off as
provided by applicable law.