SSUSA Job #1014: SENIOR IT FORENSIC SECURITY ENGINEER
SENIOR IT FORENSIC SECURITY ENGINEER
One of our technology clients is seeking a Senior IT Forensic Security Engineer that will be responsible for evaluating, selecting, implementing, and operating key security tools to support security monitoring, incident response, and cyber threat intelligence. The Senior Security Engineer will influence and guide product engineering and development activities to deliver security-focused solutions. Additionally, perform as the subject matter expert (SME) for one or more key tools crucial to security operations—e.g., IPS, Endpoint Detection & Response (EDR), Network Packet Capture, NetFlow, and/or Security Operations and Automated Response (SOAR).
1. Leverages tooling and custom applications to monitor the operational status of applications, infrastructure, networks, databases, and security; optimizes and tunes performance as appropriate
2. Responsible for end-to-end enterprise-wide Tier III troubleshooting of network, desktop, server (hardware & software), and application performance & connectivity across the global wide area network as it relates to Information Security.
3. Participates in or leads Computer Incident Response Teams (CIRT) as necessary by providing Tier III support to mitigate active security incidents possibly threatening the Global Company Computing environment. Drives root cause analysis, debugging, support, and post-mortem analysis for security incidents and service interruptions
4. Assesses applications and the associated data flow for risk to sensitive data, systems, or infrastructure.
5. Collaboratively documents security controls and application access requirements associated with hosted applications and systems.
6. Apply or recommend adaptive security measures based on investigative findings and threat indicators
· At least 3 years of Forensic Security experience
At least 8 years in professional IT with demonstrated experience related to security services.
· Security certification (e.g., Security+, GIAC, CISSP, other).
· 3-5 years experience in supporting one or more of the following technologies: IPS, SIEM, Endpoint Detection & Response (EDR), SSL VPN.
· 1-3 years working in a cloud environment including key elements of VMware, AWS, and Azure environments.
· Knowledge of security best practices in hardening and protecting cloud environments, networks, servers, endpoints, applications, and databases.
· Strong understanding of the MITRE ATT&CK framework.
· In-depth knowledge of the following computer forensic and incident response applications (EnCase, Axiom, Cellebrite, Paladin, Sumuri Suite, Volatility, Intella, Kali.).
· Understanding of security frameworks/protocols such as Federation/SSO, IDS, IPS, Host Based Firewall, VPN, SSH, Key Management, PKI, Tokens, SAML, OAuth, Fido, HTTPS/TLS, etc.
· Experience with investigating security incidents and developing incident responses.
· Strong understanding of email security best practices.
· Strong experience working with functional areas as part of a Security Operations Center such as threat detection & response, cyber threat intelligence, and red teams.
· Experience with Penetration Testing.
· In-depth understanding of networking, TCP/IP, and other networking protocols.
· Experience with Data Loss Prevention.
SEND YOUR RESUME TO CLIFF@SSUSA.COM
MENTION JOB 1014 IN THE SUBJECT BOX
Remote from Home