Cyber Security Engineer

Job Description

Cyber Security Consultant

Responsibilities

  • Experience working with and managing Security Information and Event Management (SIEM) tools such as Splunk, Sumo Logic, ArcSight, etc.
  • Experience deploying, managing, and utilizing Endpoint Detection and Response (EDR) tools such as CrowdStrike, SentinelOne, Carbon Black, etc.
  • Thorough understanding of macOS, Linux, and Windows hardening and security best practices.
  • Experience creating threat and DLP signatures for network, endpoint, email, and cloud/SaaS security solutions to identify potential attacks, exploits, or data exfiltration attempts.
  • Extensive experience developing and automating incident response policies.
  • Deliver complex projects, including coordinating and driving issues to resolution utilizing excellent technical troubleshooting skills.
  • Work with Stack's highly technical software and hardware engineering teams to understand their goals and deploy tools and solutions to get the data accessible to them for development.
  • Experience with troubleshooting complex issues and providing detailed root cause analysis.
  • A drive to learn and work with industry leading technologies.
  • An understanding of network orchestration and automation with Python, Ansible, and Terraform.
  • Experience working with Secure Access Service Edge (SASE) solutions such as Zscaler, Prisma Access, Netskope, etc.
  • Thorough understanding of email security and best practices. Experience working with Secure Email Gateways (SEGs), Mail Transfer Agents (MTAs), and end-user training solutions like KnowBe4 is highly desirable.
  • Experience with both traditional DLP and Cloud Access Security Broker (CASB) solutions, especially developing data classification policies, signature detection, and response runbooks.
  • Extensive experience with network security tooling and practices such as layer 7 firewalls and Unified Threat Management (UTM) solutions, Intrusion Detection and Prevention Systems (IDS/IPS), malware sandboxing, Network Detection and Response (NDR) solutions, NetFlow and telemetry aggregation systems, micro-segmentation, web application firewalls (WAFs), load balancers, network taps, DNS security solutions, etc.
  • Thorough knowledge of Public Key Infrastructure (PKI), certificate lifecycle management, 802.1X implementation, mTLS, etc.
  • Experience with Google Workspace, especially developing Trust Rules to secure and control sensitive data and enhancing DLP capabilities.