Cyber Security Consultant
Responsibilities
- Experience working with and managing Security Information and Event Management (SIEM) tools such as Splunk, Sumo Logic, ArcSight, etc.
- Experience deploying, managing, and utilizing Endpoint Detection and Response (EDR) tools such as CrowdStrike, SentinelOne, Carbon Black, etc.
- Thorough understanding of macOS, Linux, and Windows hardening and security best practices.
- Experience creating threat and DLP signatures for network, endpoint, email, and cloud/SaaS security solutions to identify potential attacks, exploits, or data exfiltration attempts.
- Extensive experience developing and automating incident response policies.
- Deliver complex projects, including coordinating and driving issues to resolution utilizing excellent technical troubleshooting skills.
- Work with Stack's highly technical software and hardware engineering teams to understand their goals and deploy tools and solutions to get the data accessible to them for development.
- Experience with troubleshooting complex issues and providing detailed root cause analysis.
- A drive to learn and work with industry leading technologies.
- An understanding of network orchestration and automation with Python, Ansible, and Terraform.
- Experience working with Secure Access Service Edge (SASE) solutions such as Zscaler, Prisma Access, Netskope, etc.
- Thorough understanding of email security and best practices. Experience working with Secure Email Gateways (SEGs), Mail Transfer Agents (MTAs), and end-user training solutions like KnowBe4 is highly desirable.
- Experience with both traditional DLP and Cloud Access Security Broker (CASB) solutions, especially developing data classification policies, signature detection, and response runbooks.
- Extensive experience with network security tooling and practices such as layer 7 firewalls and Unified Threat Management (UTM) solutions, Intrusion Detection and Prevention Systems (IDS/IPS), malware sandboxing, Network Detection and Response (NDR) solutions, NetFlow and telemetry aggregation systems, microsegmentation, web application firewalls (WAFs), load balancers, network taps, DNS security solutions, etc.
- Thorough knowledge of Public Key Infrastructure (PKI), certificate lifecycle management, 802.1x implementation, mTLS, etc.
- Experience with Google Workspace, especially developing Trust Rules to secure and control sensitive data and enhancing DLP capabilities.