Data Recognition Corporation · 2 days ago
Senior Cyber Security Engineer
Consumer Research · Data Collection and Labeling
Responsibilities
Enhance and maintain SIEM solution, providing engineering support to capture relevant security log data from multiple sources, both on-premise and in the cloud
Develop appropriate correlation queries to incorporate common threats, indicators of compromise (IOCs) and other relevant threat-feed data
Implement and manage application security tooling including SAST, DAST, and SCA scanning components
Develop incident response and remediation runbooks for common alert triggers
Manage and enhance detection and response activities
Perform dynamic and static application scanning and work with development teams to prioritize and remediate vulnerabilities
Develop and enhance Data Loss Prevention (DLP) capabilities across the environment
Lead vulnerability management efforts to identify and prioritize vulnerabilities and work with owners to remediate them
Implement and monitor cloud security risk mitigation strategies
Support Identity and Access Management initiatives and provide security oversight on the IAM program
Research new technologies, vulnerabilities and attack vectors to proactively drive security improvement across the organization.
Qualification
Required
5+ years of experience in a security analyst or engineer role in an enterprise environment.
Experience managing a Security Information and Event Management (SIEM) solution, including defining inputs, log aggregation, and alarm triggers.
Experience in, or deep understanding of, application security in a development-centric environment.
Thorough understanding of security and network concepts (firewalls, WAF, IDS/IPS, DLP, IAM, wireless, endpoint security, DDoS, forensics, etc.)
Understanding of relevant security control frameworks, specifically NIST 800-53
Possesses a high level of personal integrity and the ability to discreetly handle sensitive, personal, and classified case information.
A broad understanding of securing both on-premise and cloud environments, including the technologies and processes required to secure and monitor them.
Ability to grasp and assess “big picture” issues and bring them to light to foster positive change for a more robust data ingestion platform and process
Preferred
College degree or equivalent work experience.
Security certification such as Certified Information Systems Security Professional (CISSP)
Experience assessing and implementing security incident detection systems
Experience supporting and participating in third party vendor security assessments and audits, reviewing audit findings as well as responses to security findings and remediation plans
Strong interpersonal skills and collaborative style to enable success across multiple partners
Cloud security experience, specifically AWS