Cyber Security Engineer

• Experience securing M365/GSuite/AWS environments
• At least 3 years of experience preventing Active Directory credential theft attacks using Pass the Hash, Golden Ticket or Lateral Movement
• experience with Group Policy Objects, Security Log Analysis and Delegation of Permissions
• experience developing scripts or queries to generate reports against Active Directory
• experience monitoring and analyzing logs from Active Directory
• experience with Security Information and Event Management (SIEM) and Log aggregation platforms using Splunk, Snowflake, Quest, or StealthBits
• Networking, Internet security and Troubleshooting 
• Knowledge and experience with incident response
• Knowledge and experience with intrusion detection
• GIAC Certification, or CEH, GNFA, GCIA, etc
• Experience with tools like wireshark, splunk, etc

• Knowledge of digital forensics

Technical skill:

(Good to have)

• Functional Knowledge of networking technology including routing, switching, firewalls, VPN, remote access

• Familiarity with several vendors' security mechanisms (Cisco, Imperva, Rapid7, Logrythm, etc.)

• At least 7+ years of relevant experience in Information Technology field

• At least 5+ years of experience in Security Systems Administration

• Good documentation writing skills

• Problem solving ability and collaborative

• Provide second/third level support and monitor several security systems (e.g., firewalls, email security mechanisms, data loss prevention systems, etc.)
• Investigate, Analyze and Report, if needed escalate security events from SEIM Tool
• Handling private clients and small office environments with their cybersecurity setup and trouble shooting
• Forensic investigation of Phishing alerts , Cloud Security and Threat Analytics, Alerts for Malware or spyware 
• Monitoring and reviewing VA & PT Scans
• Participate in the evaluation of tools and creation of customized methodologies and applications
• Lead team responsible for the security of client's enterprise Active Directory environment including on-premise and cloud environments from AWS, Microsoft Azure, and Google Cloud
• Provide technical leadership during the analysis, troubleshooting, and investigation of security related events 
• Evaluate and recommend information security products, technologies, and procedures by proactively identifying problems and evaluating industry trends
• Provide input and assist with developing client roadmap to align with security initiatives, business needs, and forward looking requirements
• Manage quarterly security audits and ensure the Active Directory environment adheres to security and compliance settings
• Be the project lead or participate as a team member on various projects within or across technology and business teams
• Manage vulnerability assessments and security testing to proactively identify and close security risks  
• Architect, engineer, and deploy third-party security monitoring tools to protect the environment and monitor for security breaches, intrusions and irregular system behavior
• Partner with CyberSecurity engineers to implement technology solutions
• Participate in the evaluation, development, and implementation of security standards and best practices and recommend security enhancements to management as needed
• Assist with evaluating and testing new security, compliance, and audit tools
• Educate team members on information security through training and increased awareness

• Partner with CyberSecurity teams to support forensic investigations and ensure integration with enterprise SIEM systems