Job Description Role: Senior Cyber Security Engineer Location: New Jersey (Day 1 Onsite) Duration: 6+ Months Experience Needed: 12+ Years Licensure, Registration, and Certifications are Mandatory and try to find someone who have past 2-3 Years of experience in Health Care: · Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification. Job Description : Education Requirements: · Bachelor in Computer Science, Information Security, or a related field.
· Minimum of 1-3 years of past experience in information security, especially in an analyst role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
· Experience with any of the following systems/products also a plus: scripting, enterprise antivirus management, data loss prevention, malware detection, intrusion detection/prevention, penetration testing/vulnerability scanning, web application firewall.
· Excellent written and verbal communication skills and effective problem-solving skills required.
Licensure, Registration, and Certifications: · Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification.
Job Description · Provide first level response for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches.
· Coordinate with enterprise-wide cyber defense staff to validate network alerts
· Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level
· Work with TVM vendor, work with various to to drive the remediation and track the process, Open CR and schedule scans & follow up scans, analyze potential exploitation scenarios, assess applicable security controls, and evaluate potential impact.
· Performing security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy
· Participating in planning and recommendation of modifications or adjustments based on exercise results or system environment.
· Implementing security measures assistance in disaster recovery and planning.
· Utilizing OSINT to effectively detect and prevent indicators of compromise in affected systems.
· Triaging according to organizational procedures to ensure that a genuine security incident is occurring.
· Providing daily summary reports of network events and activity relevant to cyber defense practices
· Providing timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
· Conducting research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
· Collaborating with stakeholders to resolve computer security incidents and vulnerability compliance.
· Documenting and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
· Analyzing identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
· Monitoring and reviewing the most recent SIEM alerts to determine relevance and urgency.
· Providing metrics and reports around security monitoring by designing dashboards for asset owners and management consumption
· Contributing to the development and implementation of security architecture, standards, procedures and guidelines for multiple platforms
· Documenting current case notes sufficient for effective shift handover, as well as reviewing current status via phone call or in person.
· Engaging in all forms of communications (e.g. phone calls, instant-messaging, web page updates) to ensure cases are efficiently investigated by all approved parties
· Recommending new security tools to management and reports and provides guidance and expertise in their implementation.
· Reviewing and analyzing complex data and information to provide insights, conclusions and actionable recommendations provides direction and guidance on reports and analyses and ensures recommendations are aligned with customer/business needs and capabilities.
· Own and administratively manage all security tools and ensure it is monitored on a regular basis.
Additional Information All your information will be kept confidential according to EEO guidelines.
