The Cyber Security Engineer is a key member of the Information Security team responsible for the protection of online and corporate systems. This role is a member of the security incident response team (SIRT) that performs incident and forensic investigations across all of our companies. This role participates in a 24x7x365 work effort and as such will be required at times to work after hours and participate in an on-call rotation.
location: Jacksonville, Florida
job type: Permanent
salary: $110,000 - 120,000 per year
work hours: 9 to 5
education: No Degree Required
- Create and maintain information security alerts from firewalls, IDS, OS, Anti-Virus, web application firewalls, and servers through the use of a SIEM and related tools to respond, triage, and resolve or escalate as needed.
- Act as an escalation point for alerts generated by a SIEM and other related tools.
- Perform systems and network analysis of intrusions to the network, servers, applications, operating systems, firewalls, proxies, and other infrastructure related devices.
- Perform in-depth network security analysis and conduct preliminary incident response, event analysis and threat intelligence.
- Perform vulnerability scanning of the environment and analyze the results to assess risk to the organization and prioritize remediation efforts.
- Review security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives and provide results to management.
- Review and approve security device changes (firewalls, VPN, WAF, IDS/IPS, HIPS).
- Analyze data and prepare reports that document vulnerabilities from network-based attacks and recommend actions to prevent, repair or mitigate these vulnerabilities.
- Maintain or assist in the maintenance of the confidentiality, integrity, and availability of all data in physical and/or electronic format.
- Certified Information Systems Security Professional (CISSP) or Equivalent
- GIAC Security Essentials (GSEC) or Equivalent
- Bachelor's degree in Computer Science or a related technology field or equivalent in comparable work experience within the network field.
- Broad knowledge of Enterprise Infrastructure concepts and best practices as they relate to Cyber Security and incident response. Advanced GIAC certifications preferred.
- 10+ years of experience in the related technology fields
- Excellent communication skills; must be able to interface with all levels
- Open-minded, adaptable and passionate about learning
- Extensive experience with network security devices such as firewalls, Intrusion Detection/Prevention, web application firewalls, and SIEM tools.
- Highly motivated and able to work independently and as part of a high performing team.
- Experience with information security incident response and risk mitigation.
- Experience in Linux and Windows system administration and security.
- Understanding of common x86 host virtualization infrastructure
- Understanding of common services (e.g. SSL, HTTP, FTP, NTP, NFS, SSH, LDAP, etc.).
- Deep understanding of packets, network traffic, and the OSI model.
- Understanding of how to secure cloud-based solutions (e.g. PaaS, SaaS or IaaS)
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.