Back to Job Search

Sr Engineer, IT Cyber Security Analysis and Response

  • Location: Fort Worth, Texas, 76155
  • Job Type:Contract

Posted 21 days ago

Our client is seeking a CIR Engineer for a contract role in Fort Worth, Texas.     

This job is a member of the Cybersecurity and Technology Risk Management, within the Information Technology Division. The primary mission of Cybersecurity and Technology Risk Management is to increase client’s resiliency to Cyber Material Loss Scenarios. These include, but are not limited to, disruption of Operational Delivery and Fleet, Customer Data Disclosure, and Reliance on Third Parties.     
The CIR (Cyber Security Incident Response) Sr. engineer is responsible for the building and supporting the underlying technologies that support the CIR Operations groups as well as producing architecture, enforcing process governance, mentoring, and shepherding of teams seeking regulatory compliance.  These technologies include TIP, SOAR, SIEM, EDR, and many other detection and incident response technologies.  This role will heavily require mature scripting and automation skillsets.

Minimum Qualifications:
  • Bachelor’s Degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
  • Minimum 5 years of Information Technology related experience
  • Minimum 5 years of building and using APIs
  • Minimum 5 years of networking experience
  • Minimum 5 years Windows/Linux experience
  • Minimum 5 years of big data platforms experience
  • Minimum 3 years of container technology experience
  • Minimum 3 years of Security or SecOps experience

Preferred Qualifications:
  • Master’s Degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
  • Cloud experience (IBM and/or Azure)
  • Active Directory experience
  • Implementation of Performance Monitoring Tools
  • Software development
  • Scripting experience

Skills, Licenses & Certifications:
  • Information Security Certification
    • Security+
    • CISSP
  • Ability to script in languages like Python or JavaScript
  • Knowledge of how to use Webhooks, API's
  • Knowledge of Linux/Unix, Powershell, Basic Windows Administration, Git
  • Knowledge of Security Concepts, Mitre ATT&CK Framework, PCI Compliance Requirements
  • Knowledge of Networking concepts, services, and protocols
  • Knowledge of basic cloud security controls and architecture
  • Knowledge of SIEM, EDR, SOAR Platforms, Big Data Platforms
  • Understanding of the OSI model
  • Experience with Agile methodologies and tools
  • Ability to work independently and effectively cooperate with others
  • A solid understanding of networking, cyber security concepts, vulnerability identification and cyber threat intelligence is necessary
  • Excellent communications skills, that includes the ability to provide formal documentation of analysis and/or research results to include briefings, reports, writing, training of lower level analysts, and editing at a technical/professional level
  • Must be detail oriented, well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude
  • Aptitude in solving problems independently while also having the openness to work collaboratively
  • Demonstrated problem-solving skills
  • Sound decision-making ability
  • Availability to work a flexible schedule and support the incident response teams during triage
  • Willingness to work with junior peers and foster an environment that promotes their success and growth
  • Ability to lead a small squad of engineers to deliver sustainable, scalable, and staff tolerant enterprise services 
  • Ability to effectively communicate both verbally and written with all levels within the organization
  • Ability to effectively explain technical concepts and adjust messaging based on the audience
  • Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills
  • Ability to work well within a team environment, as well as independently with minimal supervision

Essential Job Functions:
  • Manage or assist in the management of the CIR event and information platform
  • Develop playbook and process automation utilizing the SOAR technologies
  • Aid in the management of alerts and configurations of technologies that CIR relies on (IDS/IPS, Email Security technologies, Firewalls, etc.)
  • Help with the ingestion of threat intel into the appropriate tools and groups
  • Assist in the tuning of alerts generated from all Cybersecurity tooling
  • Support and maintain the endpoint detection and response tooling
  • Aid in ingestion of asset data into the functions and systems of the CIR
  • Assist in tool management during an immediate incident (24/7)
  • Maintain and monitor platforms to ensure 24/7 readiness and operability of CIRE services
  • Present technical documentation to enterprise architecture and standardization boards
  • Create processes that allow non-security minded teams the ability to achieve regulatory compliance
  • Consistently work with CIR and Application team in an iterative fashion to ensure that all security events are monitored, complete, and accounted for.