• Cyber Security Operations Engineer

    Location US-Home Office/ Remote | US-GA-Atlanta
    # Positions
    1
    Category
    Information Technology - All Openings
    Travel Requirements
    0-20%
  • Overview

    Job Summary:

    The Cyber Security Operations Engineer will be responsible for analyzing, monitoring, tracking and reporting behavior/tasks logged by assets (ie, applications, systems, networks) in the form of incidents to ensure NASCO is protected from any potential leaks of malicious activities. He/she will perform routine actions of analyzing correlated event logs to help identify normal versus malicious activity in the network/domain. He/she is responsible to proactively monitor cyber security and information technology infrastructure, including hardware, software, networks, applications and services.  This position will communicate with Information Technology, Application Development, Managed Security Services and other appropriate areas, as deemed necessary.

    Responsibilities

    Essential Roles and Responsibilities:

    • Performs vulnerability scanning for network devices, applications and databases in order to determine if these assets have any vulnerabilities to potential internal or external threats. 20%
    • Analyzes and assesses security incidents that occur to NASCO assets and escalates incidents by following incident plan. 15%
    • Creates, develops, and maintains standard practices and procedures to respond appropriately to internal and external threats.  10%
    • Assesses potential risks and vulnerabilities in the network by establishing status quo for the networks and recognizing any deviations in order to provide actionable recommendations in the event of malicious activity. 10%
    • Performs risk and security assessments of applications, databases, and servers and supports networking technologies, such as routers, switches, access points, in order to determine if these assets have any vulnerabilities to potential internal or external threats.  10%
    • Works with IBM and internal Infrastructure team and vendor partners to solve information security system problems and issues in a timely and accurate manner to prevent malware from coming into the environment.  5%
    • Follows Information Security process, policies and procedures congruent with standards and industry best practices.  5%
    • Monitors activities and events in NASCO’s Technology environment to ensure that anomalous behavior is detected, identified, classified and acted upon where appropriate. 5%
    • Performs application scanning to ensure that code releases are secure. 5%
    • Executes penetration testing on network and applications using ethical hacking techniques in order to determine network and application vulnerability. 5%
    • Develops and executes corrective action plans and remediation plans when issues are identified in order to mitigate the risk of exploitation. 5%
    • Performs reviews and assessments of security controls before hardware/software is migrated to production and performs application scanning to ensure that code releases are secure. 5%
    • Advises Security Leadership on emerging cyber threats and trends, provides recommendations for enhancements
    • Performs other duties as assigned.

    Qualifications

    Required Knowledge, Skills, Abilities and Experience:

    • Strong understanding of security testing practices and methodologies.
    • Experience developing proper log correlation rules for identifying key events
    • Hands-on experience using security testing and analysis tools such as (Metasploit, Burp Suite, Kali, Wireshark, Nmap, Veracode).
    • Hands-on experience using common vulnerability scanning tools (Nessus, Nexpose Rapid7, Qualys, Veracode, AppScan, etc).
    • Experience with cloud computing and security issues related to cloud environments.
    • Experience conducting security testing for cloud services and establishing cloud security requirements
    • Demonstrated knowledge of common vulnerability frameworks (OWASP Top 10, CVSS).
    • Experience with security source code review and development experience in C/C++, Java, Python.
    • Authoritative technical knowledge of Internet security and networking protocols.
    • Experience with software development.
    • Scripting skills such as Python, Perl, Shell, Bash.
    • At least 3 years of demonstrated experience in penetration testing.
    • Expert knowledge of Unix, AIX or Linux platforms
    • Expert knowledge of Cisco-based firewalls and intrusion detection systems
    • Knowledge of Mainframe technologies
    • Knowledge of Windows 200X server platforms.
    • Knowledge of VMware and VM server platforms
    • Knowledgeable about security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact information security
    • Solid working knowledge and understanding of multiple operating systems and commands, as well as an understanding of IT security and network best practices and software/hardware solutions
    • Knowledge of business, application, information and enterprise architecture responsibilities, principles and standards.
    • Knowledge of Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
    • Knowledge of database structures and queries.
    • Knowledgeable about security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact information security
    • Maintains a broad knowledge of current and emerging network security threats
    • Strong time/project management skills with the ability to operate under deadlines and manage fluctuating workloads
    • Ability to communicate security objectives orally and in writing to a variety of audiences.
    • Ability to write security requirements and design documents
    • Ability to analyze complex problems and recommend/negotiate solutions
    • Ability to read system data, including, but not limited to, security and network event logs, web, anti-virus, DLP, syslogs, IPS, and firewall logs.
    • Minimum of 3 years experience in a security operations center and/or system administration role
    • Minimum of 5 years experience as a System Administrator (Unix/Windows) and Network Administrator
    • Experience troubleshooting common network devices, network vulnerabilities and network attack patterns
    • Experience analyzing IIS, SQL, firewall, IPS/IDS, Windows, SEP, Web, and mail filtering logged events.
    • Hands on experience managing an array of security tools (e.g. Web Content Filtering, Malware, Firewalls, Intrusion Protection, etc.)

    Required Training and Education:

    • Bachelors degree in Computer Science, Information Systems, Network Security Engineering or related major or equivalent work experience.

    Desired Training and Education:

    • Current SANS certification holder (technical tracks) strongly preferred
    • CISSP desired and CCNA, MCSE certifications are preferred

     

    NASCO is a Minority/Female/Disability/Vet/Affirmative Action Employer.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed