Computer World Services Corp. (Cws) - Mansfield, TX

posted 3 months ago

Full-time - Senior
Remote - Mansfield, TX
Professional, Scientific, and Technical Services

About the position

The Senior Cybersecurity Engineer plays a crucial role in supporting the Office of Financial Research (OFR) in its mission to promote financial stability. This position is integral to the Security Operations (SecOps) and Architecture team, providing hands-on expertise in various aspects of cybersecurity including monitoring, reporting, threat intelligence, threat hunting, and incident response. The engineer will collaborate with operations and engineering teams to ensure that security requirements are effectively integrated into project designs, focusing on critical areas such as logging, authentication, and alerting.

A significant aspect of this role involves the administration of Continuous Diagnostics and Mitigation (CDM) tools, particularly Qualys and Forescout. The engineer will be responsible for configuring, managing, and troubleshooting these tools, as well as conducting regular audits to ensure that security controls are functioning as intended. The position also requires experience with Endpoint Detection and Response (EDR) systems, such as CrowdStrike Falcon and Trellix HX, and the ability to conduct vulnerability scans and assessments in collaboration with third-party vendors.

This highly technical role demands a solid understanding of security systems and best practices. The engineer will have the opportunity to work with new capabilities as they are deployed, including deception infrastructure, continuous penetration testing, data loss prevention (DLP), and machine learning technologies. The role is expected to contribute to the maturation of incident response and overall security capabilities through experience and strategic recommendations.

Responsibilities

  • Support OFR's Security Operations (SecOps) and Architecture team.
  • Provide hands-on expertise in monitoring, reporting, threat intelligence, threat hunting, and incident response.
  • Partner with operations and engineering teams to design and review projects for security requirements implementation.
  • Administer Continuous Diagnostics and Mitigation (CDM) tools including Qualys and Forescout.
  • Conduct regular audits to ensure security controls are functioning as expected.
  • Test for vulnerabilities by conducting regular scans of networks using Qualys.
  • Work with third-party vendors during annual security assessments and testing.
  • Configure, manage, and troubleshoot Qualys VM, PC, Web Application Scanner, and Container Security modules.
  • Develop and implement security automation workflows using Qualys APIs and scripting languages.
  • Streamline security operations by automating repetitive tasks and integrating Qualys with other security tools.
  • Participate in breach and attack simulation and purple teaming exercises.
  • Compose and deliver executive-level reports, presentations, and postmortems for key stakeholders.
  • Analyze emerging threats to improve detection and response capabilities.
  • Document specifications, playbooks, and detections throughout the process.

Requirements

  • Experience with Continuous Diagnostics and Mitigation (CDM) tools, particularly Qualys and Forescout.
  • Hands-on experience with Endpoint Detection and Response (EDR) systems such as CrowdStrike Falcon and Trellix HX.
  • In-depth knowledge of security system capabilities and best practices.
  • Experience with Amazon Web Services (AWS) EC2 and WorkSpaces, VMware virtual infrastructure, and network/security appliances.
  • Strong understanding of networking protocols including SNMP, SSH, Ethernet, and TCP/IP.
  • Ability to develop and implement security automation workflows using scripting languages like Python.

Nice-to-haves

  • Experience with Rapid7 and BigFix for migration to Qualys.
  • Integration of ServiceNow with CDM tools for automation and reporting.
  • Certifications in Qualys or related certifications (e.g., CISSP, CISA).
  • Preference for additional certifications such as CCE, CCFE, CEH, CPT, CREA, GCFE, GCFA, GCIH, GCIA, GIAC, Splunk Core, OSCP.

Benefits

  • Remote work flexibility
  • Equal employment opportunity
  • Affirmative action employer
  • Reasonable accommodations for individuals with disabilities