What are the responsibilities and job description for the Cyber Staff Engineer position at Heitmeyer Consulting?
Job Title: Staff Engineer – Cyber
Location: Phoenix, AZ
We are seeking a passionate, experienced, and results-driven staff engineer to build, maintain, and support technologies that will not only allow the Security Monitoring Center to continue its mission-critical function but also allow us to grow and mature as we take on the challenge of building a robust Insider Risk program.
This person will work alongside a team of talented engineers and be responsible for timely execution of work objectives and deliverables. They must be comfortable both challenging the ideas of others and having their own solutions challenged as part of ensuring that we are implementing the best possible solution. Not only must you be tech savvy, but you must also be capable of providing high-quality work documentation wherever it is applicable, including but not limited to: graphs, flow diagrams, engineering runbooks, and change procedures.
- Solid understanding of logging infrastructure concepts: syslog; log parsing; log de-duping; methods for log pulling; RFC 5424; CEF Format; JSON; key value pair format; log enrichment; log maintenance; log troubleshooting.
- Demonstrable SIEM administration. A solid understanding of and administrative experience with the Elastic Stack (aka Elasticsearch, ELK, Elastic Logstash Kibana, Elastic Cloud) is a plus.
- Demonstrable SOAR administration and playbook authoring. A solid understanding of and administrative experience with Palo Alto XSOAR is a plus.
- Coordinate activities with other SMC Engineers to drive accuracy, improve MTTR, and automate cyber analysis and enrichment.
- Solid understanding of and demonstrable experience with Python, PowerShell, and Bash.
- Capable of operating entirely day-to-day on a Linux platform.
- Bachelor’s Degree in a Cybersecurity or Computer Science Program or related area of focus from a 4-year college or university and a minimum of five (5) years of Information Technology experience.
- The five (5) years of experience should include a combination of:
  - Three (3) years of experience in information security engineering, security risk and compliance management, security project management, security policy management, and other security practices.
  - Three (3) years of experience using scripting techniques (Python, PowerShell, REST APIs, VB, Ruby, etc.) to automate tasks.
  - Two (2) years of experience in evaluating, installing, configuring, and maintaining at least 2 of the following security tools (IDS, IPS, SIEM, DLP, Proxy, Firewall, Endpoint forensics, disk encryption, GRC, Vulnerability scanner, sandbox, SOAR).
  - Two (2) years of experience administering a SIEM. Elastic Stack SIEM is a plus.
- Experience with interpreting and analyzing packet captures via Wireshark.
- RHCSA, RHCSE, CCNA, Microsoft, Azure, AWS, VMWare, or related technology training or certifications are a plus.
- CISSP, CISA, CISM, GIAC, GCIH, Security or related certifications are a plus.