
Cyber Security Engineer

Starcom consulting limited
Contract
On-site
Livermore, California, United States

Job Details


  • Protect enterprise systems and information by promptly responding to security threats and incidents, acting individually and as part of a team.
  • Proactively hunt for cyber threats and enact identification, containment and eradication measures while supporting recovery efforts.
  • Perform analysis on LLNL intrusion detection systems.
  • Provide security monitoring and incident response support including troubleshooting and resolution of issues.
  • Create and manage processes, systems, and tools exercising a high degree of responsibility.
  • Serve as an incident response technical point of contact and interact with internal and external personnel.
  • Perform technical assessments, document actions and findings, and make remediation recommendations.
  • Promote and support plans to promote diversity, equity and inclusion within the program.
  • Perform other duties as assigned.

Additional job responsibilities at the SES.3 level
  • Manage multiple complex parallel tasks and priorities of customers and stakeholders, ensuring deadlines are met, while leveraging team member skills.
  • Develop advanced methods, tools, and procedures to improve incident response capabilities and automate various complex tasks.
  • Mentor and provide technical guidance to team members in incident response best practices and procedures.

Qualifications
  • Ability to secure and maintain a U.S. DOE Q-level security clearance which requires U.S. citizenship.
  • Bachelor's degree in Computer Science, Computer Engineering or related field, or the equivalent combination of education and related experience.
  • Broad experience with SIEM, log aggregation, packet analysis, or other cybersecurity tools.
  • Experience conducting host forensics, network forensics, log analysis, or malware analysis in support of incident response investigations.
  • Proficient written and verbal communication, strong interpersonal skills, ability to collaborate in a multi-disciplinary team environment and to interact with all levels of management and staff.
  • Ability to effectively manage concurrent technical tasks with conflicting priorities, to approach difficult problems with enthusiasm and creativity and to change focus when necessary, with experience working independently.
  • Ability to work off-hours and on-call to respond to incidents (intermittently, either as-needed or as part of a rotation).

Additional qualifications at the SES.3 level
  • Significant knowledge of SIEM solutions, threat hunting, incident response, or incident management.
  • Significant experience with log analysis, event correlation, or incident management procedures.
  • Advanced ability to provide innovative approaches and apply new technologies to tasks and projects that may not be well defined.

Qualifications We Desire
  • Master's degree in Computer Science, Computer Engineering, or a related field, or equivalent level of knowledge.
  • Significant incident response experience, including experience with cloud services such as AWS/Azure, and experience leading teams.
  • Experience with programming or scripting languages such as C, C#, Python, Java, PowerShell and PHP.
  • Current industry specific certifications including but not limited to Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Global Information Assurance Certification (GIAC).