Cyber Security Engineer, Blue Team
Core Focus:
The Cyber Security Engineer, Blue Team will configure, implement, and optimize new cybersecurity capabilities such as vulnerability management systems, firewalls, intrusion detection systems, and log management infrastructure.
Summary of Responsibilities:
- Perform risk analysis of vulnerabilities and threats, and evaluate the efficiency of existing detection mechanisms, analytics, and mitigations
- Consult and provide risk management recommendations and cost analysis based on the environment
- Monitor and respond to security alerts across a vast array of security operations areas, and perform network vulnerability and compliance scanning
- Build blue team defenses to detect and block the opponent
- Maintain awareness of new and emerging cyber-attack threats
- Develop and design technical recommendations, and execute remediation and mitigation strategies
- Work with Application Development to create a standard for all in-house applications to log directly to Splunk
- Design and maintain network architecture, create segmentation analysis, and be responsible for networking concepts such as VLANs, routing, and encrypted tunnels
- Conduct Blue Team exercises and Computer Network Defense drills to evaluate and improve processes related to threat detection, incident response, patching, and remediation
Qualifications & Required Experience:
- BS in Computer Science, Computer Engineering, Information Technology, or equivalent experience required
- Knowledge in one or more of the following areas: penetration testing, exploitation, incident response (hunt), blue teaming, reverse engineering
- Expertise in application monitoring and event log management
- Experience with administration of centralized logging tools and Security Information and Event Management systems (SIEMs)
- Experience configuring Splunk software
- In-depth experience with enterprise vulnerability and compliance scanning systems
- Experience implementing centralized log aggregation and search frameworks such as Splunk, ELK, etc.
- Experience with Windows Desktop, Windows Server, and Linux operating systems
- Windows server and workstation hardening through configuration
- Experience with web gateways such as Forcepoint (Websense) or Bluecoat
- Strong knowledge of advanced cyber threats and adversary methodologies