Sr Cybersecurity Engineer

Overview

TekWissen Group is a workforce management provider throughout the USA and many other countries in the world. Our client provider of digital technology and transformation, information technology and services

Position: Sr Cybersecurity Engineer

Location: Bellevue, WA 98006

Duration: 6 Months

Job Type: Contract

Work Type: Onsite

Job Summary

• Detection Engineering The Detection Engineering Sr. Engineer is responsible for continually improving client’s security detection capabilities while ensuring suspicious/malicious activity is identified quickly and accurately .
• They will work with all teams within security operations to ensure that client is protecting its customers and employees.
• They will work with multiple technologies and data sets to build security detection frameworks. (i.e. SIEM, EDR, Network Monitoring, etc.).
• The best candidate for the role should have a strong comprehension of detection techniques, tactics, and procedures while understanding the needs of an incident response team.
• This individual must be driven, work well with other people and have strong verbal and written communication skills.
  
  

Job Description

• Play a vital role in designing and building a comprehensive threat detection program
• Work with partners throughout security and engineering to develop and improve threat detection logic, enhance response capabilities, and deploy new tools
• Identify active threats to client system environments including Client.com, corporate networks, third party services, and individual user endpoints Threat Modeling / Hunting
• Inform log ingestion requirements for threat detection use case development
• Research of new attack techniques in order to improve detection logic. Creating custom logic, detection rules, and alerts to identify suspicious patterns and activity.
• Security Detection Lifecycle Management (Maintain, tune, deprecate, etc.)
• Develop content to improve detective capabilities in Security tooling (SIEM, EDR, etc.)
• Work with IR teams to respond to security incidents promptly
• A champion for process, recommending tool, software development, or infrastructure changes to improve or enhance security
• Lead small to medium sized projects as advised (taking ownership while developing/driving a solution to its full value/completion)
• Develop and deliver metrics
• Participate in Cyber Incident Response Team rotation that may involve non-traditional working hours
  
  

Skills

• Knowledge of Machine Learning Concepts and Capabilities
• Proficiency in multiple Operating Systems (Ex. Linux, Windows, Mac, etc.)
• Familiarity with regular expressions and data normalization techniques
• Knowledge of Cybersecurity tooling and how it can be used to create insights
• Knowledge of detection methods (ATT&CK).
• Knowledge of Cloud related technologies (Azure, AWS, GCP, etc.)
• Medium to advance knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP)
• Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI ()
• Familiarity with load balancers (ex – A10, F5), firewalls (ex – CheckPoint), Venafi, MDM (ex - Mobile Iron), Cloud (ex - AWS, Azure), Malware Protection (ex -FireEye), Advanced Persistent Threats (ex - Damballa), Privileged Accounts (ex – CyberArk), SIEM (ex – ArcSight), Log & Event (ex – Splunk), Intrusion IDS/IPS (ex – Symantec) , Cloud Platform (ex – PCF, Docker), Scanning (ex – Qualys), AppSec (ex - Veracode)
• Strong problem solving / fixing skills
• Self-motivated and able to work under timelines.
• Always act with tact and integrity, and work with a variety of individuals in a positive and productive manner
• Strong verbal and communication skills with diverse multi-functional groups & the ability to present effectively to small & large groups
• Knowledge of information security policies and regulatory controls (per team function)
• Demonstrable knowledge of current technological trends and developments in the area of info security
• Ability to plan, organize and prioritize tasks to complete independently; Ability to work under pressure and meet timelines
  
  

TekWissen® Group is an equal opportunity employer supporting workforce diversity.

TekWissen is an emerging global human capital, recruitment and IT services organization. Operating since 2009, we draw upon more than a decade of staffing experience to deliver critical talent acquisition solutions and IT engagements for our clients. We’re founded on a culture that is passionate about delivering tailored solutions, that create lasting partnerships.

Our global footprint covers six countries: United States, Canada, Australia, India, United Kingdom and the Philippines. This allows us to work in close partnership with organizations and manage everything from global talent needs with demanding resourcing strategies, to single sites with lower recruitment volumes.

TekWissen® is an equal opportunity employer supporting workplace diversity.