Vacancy expired!
TITLE: Cyber Security Engineer 3
Location: Remote Compensation Range : ( 60-65/HR ) GENERAL SECURITY RESPONSIBILITIES:Work in a team-based environment to improve process, procedures, and training.Participate in one of the following focus areas:Monitoring/Incident Response/Threat Client:Triage alerts, collect related data from various analysis systems, review available open and closed source information on related threats & vulnerabilities, diagnose observed activity for likelihood of system infection, compromise, or unintended/high-risk exposure.Prepare reports detailing background, observables, analysis process & criteria, and conclusions from incidents, news, or other Client.Analyze network flows, system logs, and meta data for patterns/characteristics or general anomalies to trend/baseline activity and correlate for alerts, activities, and detections.Leverage programming/scripting skills to automate data-parsing, reporting, or any repetitive task that is in daily or common work tasks.Interpret IDS/IPS or SIEM offense signatures as part of a layered defense strategy leveraging multiple technologies throughout our environmentWork in the Security Incident Response Team to improve process, procedures, and training such as creating playbooks for investigations and response procedures, creating table tops scenarios based on different aspects of our environment, and working through investigations with other analysts to train on proper techniques for investigation.Be involved in threat hunts and purple team events that are put on to strengthen our knowledge of our environment.Work closely with principals, architects, and analyst to ensure adequate security solutions are in place throughout all systems to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirementsAssist in updating the InfoSec risk model, and in coordination with other functional teams (e.g. HR, Finance, IT, Engineering), establish plans to securely manage the cyber risks associated with business activities and technical implementations.Serve as a trusted advisor to business functional areas (e.g. Finance, HR, Engineering) and/or internal IT resources (such as infrastructure, applications, IT services).Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance. Advocate for cyber risk mitigation during planning sessions and implementation of new services.Maintain expert awareness of all aspects of information security and compliance, including PCI, SOC, and HIPAA requirements for information systems and industry best practices, such as, NIST 800-53, 800-171.Contribute to the development and maintenance of the information security strategy.Build and update metrics for measuring performance of the Security Incident Response Team (SIRT).Mentor and coach other analysts on skills and techniques to ensure consistency of analysis and response.Education and Awareness:Ensure the information security awareness program communicates our security policies and requirements in a manner which facilitates knowledge and understanding. Create dynamic interactive lessons designed to hold the attention of adults with various learning styles.Coordinate with IT and business regional leads to develop or modify awareness plans for different cultures, nationalities and languages. Develop deeper training for job related security competencies in critical functions.Coordinate the production of training materials for targeted audiences that address various learning styles through visual, auditory, and kinesthetic methods. Prepare and deliver targeted awareness campaigns (phishing, cyber security month, personal security, etc.).Create phishing simulations and other security awareness trainings with internal team members for the rest of the corporation.Keep informed on the latest research, trends, and developments in all areas of adult education. Incorporate best practices into the Security & Awareness (SEA) program.YOUR EXPERIENCE & EXPERTISE:Five (5) or more years of Cybersecurity experience.Demonstrated knowledge of security controls for network, applications, and operating systems.Experience communicating conceptual and technical information both verbally (on phone, one-on-one, to groups) and in writing (emails, letters, reports, presentations) to various audiences (work group, team, company management, external clients).Strong understanding of Information Security and the threat landscape surrounding enterprise systems.STANDOUT QUALIFICATIONS:Bachelor's degree in Cybersecurity, Information Systems, Communications or equivalent.Experience working in a SOC or Incident Response TeamRelevant industry recognized certifications (CISSP, CEH, GIAC, Security+, SSAP, etc.)Excellent organizational skills and ability to communicate with internal/external entities and executives.Experience identifying intruder techniques (new vulnerability, attack vectors, exploits, etc.).Knowledge and experience with InfoSec systems (SIEM, SOAR, IDS/IPS, Phishing Toolkits, Sandbox Analysis Tools, etc.).Programming experience in any language.Demonstrate conceptual, analytical, and innovative problem-solving and evaluative skillsAbout Infinity Consulting Solutions At Infinity Consulting Solutions our mission is to cultivate successful long term relationships with candidates and clients matching the right candidate with the right client. We believe technology cannot replace the real personal relationships we cultivate. We reject the notion that technology alone is the answer to staffing which is why we our successful partnerships rely on collaboration NOT automation. ICS has been providing flexible staffing solutions for over 20 years in Information Technology, Compliance, Accounting / Finance and Corporate Support. Our staffing solutions include Contract, Temp to Perm and Permanent Placement. ICS is an Equal Opportunity Employer. W2 employees of ICS are offered comprehensive benefits including health, dental and vision.Vacancy expired!