Cybersecurity Engineer

Job title: Cybersecurity Engineer
First Level Supervisor: Head, Technology Services
Station: Head Office

Our Story

We are one of Africa’s fastest-growing and leading technology solutions providers, with a team of highly skilled and certified technology professionals committed to and passionate about delivering value to small, medium and large-sized businesses across all industries.

We focus on implementing tailored digital transformation solutions that match each business’s needs and ambitions by supporting them to achieve lower operational costs, improved productivity, standardised processes, data security, competitive market offerings and high customer engagement.

Job Summary

As a Cybersecurity Engineer, you will help plan and carry out our organization’s information security strategy. You will work with a specialized group of highly skilled individuals to develop a set of security standards and best practices for the organization, and recommend security enhancements to Management as needed. The Cybersecurity Engineer will provide expert judgment and analysis for designing, developing and implementing technology products and systems.

Key Functions / Responsibilities

  • Plan, implement, manage, monitor, and upgrade security measures for the protection of the organization’s data,
    systems, and networks.
  • Troubleshoot security and network problems.
  • Respond to all system and/or network security breaches.
  • Ensure that the organization’s data and infrastructure are protected by enabling the appropriate security controls.
  • Participate in the change management process.
  • Test and identify network and system vulnerabilities.
  • Daily administrative tasks, reporting, and communication with the relevant departments in the organization.
  • Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats.
  • Manage, develop and tune scripts that integrate SIEM tools.
  • Create technical documentation around the content deployed to the SIEM.
  • Monitor the impact of deploying new content on the health and performance of the SIEM.
  • Lead logging enrollments from multi-tier applications into the enterprise logging platforms.
  • Develop specific content necessary to implement Security Use Cases and transform them into correlation queries,
    templates, reports, rules, alerts, dashboards, and workflows.
  • Develop advanced scripts for the manipulation of multiple data repositories to support analyst requirements.
  • Develop advanced reports to meet the requirements of key stakeholders.
  • Develop scalable security management tools and processes.
  • Engineer, configure, and deploy enterprise SIEM/SOAR solutions.
  • Develop automation for security tools management.
  • Collaborate with key GIS and Cybersecurity stakeholders to develop use cases to address specific business needs.
  • Collaborate with application owners to define and establish logging standards to address various governance
    requirements.
  • Work closely with the DevOps Engineers, Solution Architects, Software Engineers and DBAs to refine and enforce
    best security practices.

Competencies

Corporate Competencies:

  • Customer-Centric
  • Value Creators
  • Innovative
  • Leaders
  • Ownership

Functional Competencies:

  • Solid understanding of events, related fields in log records and alerts reported by various data sources such as
    Windows/Linux/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies; experience with
    Firewalls (functionality and maintenance), Office 365 Security, VSX, and Endpoint Security
  • Experience with network security and system security, supporting security information and event
    management (SIEM) tools; excellent understanding and proven hands-on experience in SIEM concepts such as
    correlation, aggregation, normalization, and parsing
  • Experience with deploying and managing a large SIEM deployment
  • Excellent understanding of enterprise logging standards, with a focus on application logging
  • Experience with Splunk, ArcSight and/or QRadar SIEM systems
  • Excellent understanding of Cyber Security Operations, Incident Response processes
  • Excellent understanding of web application architectures and web services
  • System administration experience in a Windows and Unix environment
  • Experience in using scripting languages to automate tasks and manipulate data. Programming experience is a
    plus
  • Experience working in a large enterprise environment
  • Experience in database security and administration (Oracle, MySQL/SQL, DB2)
  • Cybersecurity certifications (e.g., CISSP) and vendor specific certifications (e.g., Oracle, Microsoft, AWS,
    Fortinet, etc.)
  • Excellent communication skills
  • Ability to drive multiple efforts with minimum supervision.

Experience and Qualifications

  • Bachelor’s in Computer Science or Computing Systems, Information Technology or related field.
  • 3+ years of prior relevant experience.

Certifications/Training

  • Any vendor-specific cybersecurity certification.

Physical Requirements:

  • Typically sitting at a desk or table.
  • Work is typically performed in an office.
  • Travel at least 20% of the time.
  • Job demands can also be flexible.

How to apply:

Qualified candidates should send a resume to careers@descasio.io