Job Details

ID #21689906
State Colorado
City Denver
Job type Contract
Salary USD $45 - $49 per hour
Source Computer Enterprises, Inc.
Showed 2021-10-25
Date 2021-10-18
Deadline 2021-12-16
Category Et cetera

Security Engineer II (Cyber, Network, Incident Response)

Colorado, Denver, 19103 Denver USA

Vacancy expired!

CEI's client is a Fortune-50 telecom, internet and cable provider. There are currently two (2) openings for Security Engineers, which can sit in either Philadelphia or Denver. These are long-term contract positions planned for 2022 extensions; conversion to permanent employment is a possibility as well. Pay range is $45-49/hr W2.

These roles are for 2nd shift. One would be Sunday - Thursday from 2:00-10:30PM MST and the other would be Tuesday - Saturday from 2:00-10:30PM MST. Ideal candidates will have 3+ years of experience with a background in Cyber Security, Network Security, and Incident Response. The position involves monitoring tickets and performing investigation, triage, and troubleshooting. You will be working with a variety of security tools as well as Splunk, Windows, Linux, AWS, and Azure.

As an Engineer 2 in the Cyber Security Operations Center (CSOC) you are responsible for monitoring security system events in a 24x7 Security Incident Response Team (SIRT) facility. Responsibilities include monitoring and performing triage on security incident events and performing the appropriate response to close or escalate each event until closure. During a critical security event, this position escalates incidents to vertical-level engineers, who make changes to the various security tools or system configurations to minimize the immediate impact to the business and secure the enterprise network from security risk.

What will you be doing?
  • Monitor email, the SIEM and the ticketing platform 24/7 for incidents and respond based on the agreed severity level.
  • Develop and maintain runbooks and job aids for all activities under scope.
  • Work in unison with teams outside the Cyber Security Operations Center such as Vulnerability Management, Network teams, OS teams and Pen testing.
  • Analyze logs from the SIEM and other sources and be able to identify unauthorized activity.
  • Initiate and run conference bridges during a security incident, be visible on the bridge for the span of the call, coordinate efforts with other teams and document workstreams and action items.
  • Understand urgency and security risk and respond to critical vulnerabilities and data exposures.
  • Perform traffic and port scans during an incident investigation.
  • Handle all types of phishing incidents reported and follow the end-to-end process to make sure all risks are neutralized.
  • Handle and respond to all cloud security incidents reported via the ticketing platform (AWS, Azure, Google, Client's Cloud).
  • Develop playbooks using the XSOAR tool for tasks that could be automated to improve the efficiency of the team.
  • Escalate critical incidents to higher tiers immediately without causing delays.
  • Assist vertical engineers in investigations by performing scans and searches on the tools at our disposal (SIEM, Stealthwatch, NMAP, scanners).
  • Handle incidents related to (but not limited to) the following, identify ownership and the associated risk, and follow all security standards to secure data:
      • GitHub exposures
      • Pastebin exposures
      • Data and asset exposures
      • Critical vulnerabilities
      • Security intelligence notifications
      • Cloud-related security events
      • Endpoint security detections
  • Identify and handle incidents related to system or account compromise, whether via vulnerability exploitation or weak security rules.
  • As a cyber incident responder, you will be responsible for providing consulting and guidance on security best practices to non-security staff during an incident and ensuring it is followed and implemented.
  • Answer law enforcement and 911 failure calls and be able to follow the process for handling different scenarios.

What do we require from you?
  • Must possess a solid understanding and 3+ years of hands-on experience in security incident handling / security system administration in an ISP, large-scale network environment or large enterprise, or equivalent work experience in a Managed Security Service Provider organization.
  • Good knowledge of UNIX or Linux based applications, or at least one year of experience administering UNIX or Linux systems in secure environments.
  • Good understanding of cloud security (AWS, Azure, Google).
  • Good understanding of and experience with security tools: IDS, IPS, firewalls, proxies, web application firewalls, etc.
  • Minimum 3 years in security incident response and technical forensics investigation.
  • Firm understanding of security controls and best practices to secure databases and application layers.
  • Strong understanding of and experience with web vulnerabilities and the corresponding response actions.
  • Security assessment / audit experience using automated tools and manual verification.
  • Must be able to work round-the-clock shifts, rotating or fixed.
  • Minimum of 3 years of experience with TCP/IP and UDP/IP networking.
  • Understanding of RADIUS system administration: creating and modifying user and group access rights, TFA configurations, reporting and troubleshooting.
  • Must be familiar with trouble ticketing procedures and have strong written and verbal communication skills.
  • Proven analytical and problem-solving ability and a willingness to learn.
  • Desire to stay current on technology trends and security standards.
  • Comfortable interfacing with other internal or external organizations regarding failure and incident response situations.
