Cybersecurity Engineer

at  US Renal Care

SUMMARY

As a member of the Information Security team, the Cybersecurity Engineer is responsible for protecting the company from intrusions, malware, threat actors, and other forms of cyber attacks. The cybersecurity engineer will be involved in supporting efforts to implement new security solutions and enhance existing solutions through all phases of the project lifecycle.

Essential Duties and Responsibilities include the following. Other duties and tasks may be assigned.

• Researches, designs, and implements cyber security solutions and products that comply with all applicable security policies and standards
• Works with IT and internal and external business partners to ensure that security is factored in the evaluation, selection, installation and configuration process of hardware and software
• Analyzes and makes recommendations to improve network, system and application architectures
• Examines network, server, and application logs to determine trends and identify security incidents
• Assists in the review and update of cyber security policies, architectures and standards
• Assists in responding to audits, penetration tests and vulnerability assessments
• Tests new computers, software, switch hardware and routers before implementation to ensure security
• Provides incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
• Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies
• Conducts network monitoring and intrusion detection analysis using various computer network defense (CND) tools, such as intrusion detection/prevention systems (IDS/IPS), firewalls, host-based security system (HBSS), etc.
• Troubleshoots system and network configuration for security related tools and platforms
• Works with app dev, systems and network teams to assist with integration of security products and platforms
• Supports ongoing functional and performance tuning efforts for SIEM, EDR, DLP, SEG, and Vulnerability Management solutions and platforms.
• Reviews alerts and data from sensors and documents formal, technical incident reports
• Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources
• Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization
• Works with threat intelligence and/or threat-hunting teams

Requirements:
Qualifications/Requirements:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.

Requirements include:

• Bachelor’s degree preferred; degree in computer science, engineering, information systems or another related discipline strongly preferred.
• Five plus (5+) years of work experience in information security, especially in a network security analyst role.
• Desired, but not required: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
• Technical expertise in network security with working knowledge of VPN, firewall, network monitoring, intrusion detection, web server security and wireless security, cloud, OT, and the Internet of Things (IoT)
• Practical experience with database security, content filtering, vulnerability scanning and anti-malware
• Proficiency with at least one scripting language (e.g., Perl, Python, PowerShell)
• Technical expertise in analyzing threat event data, evaluating malicious activity, documenting unusual files and data, and identifying tactics, techniques and procedures used by attackers
• Strong knowledge of common vulnerabilities and exploitation techniques
• Familiarity with business needs and commitment to delivering high-quality, prompt and efficient service to the business
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• An understanding of organizational mission, values, and goals and consistent application of this knowledge
• Strong problem-solving and trouble-shooting skills
• Self-motivated and possessing of a high sense of urgency and personal integrity

• Researches, designs, and implements cyber security solutions and products that comply with all applicable security policies and standards
• Works with IT and internal and external business partners to ensure that security is factored in the evaluation, selection, installation and configuration process of hardware and software
• Analyzes and makes recommendations to improve network, system and application architectures
• Examines network, server, and application logs to determine trends and identify security incidents
• Assists in the review and update of cyber security policies, architectures and standards
• Assists in responding to audits, penetration tests and vulnerability assessments
• Tests new computers, software, switch hardware and routers before implementation to ensure security
• Provides incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
• Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies
• Conducts network monitoring and intrusion detection analysis using various computer network defense (CND) tools, such as intrusion detection/prevention systems (IDS/IPS), firewalls, host-based security system (HBSS), etc.
• Troubleshoots system and network configuration for security related tools and platforms
• Works with app dev, systems and network teams to assist with integration of security products and platforms
• Supports ongoing functional and performance tuning efforts for SIEM, EDR, DLP, SEG, and Vulnerability Management solutions and platforms.
• Reviews alerts and data from sensors and documents formal, technical incident reports
• Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources
• Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization
• Works with threat intelligence and/or threat-hunting team