What are the responsibilities and job description for the Cyber Security Engineer position at Moseley Technical Services, Inc.?
Senior Cybersecurity Engineer with proven experience in Security Operation Center environments, particularly within MSP or MSSP organizations.
You will be part of a dynamic, multi-functional team that includes network engineers, cyber operations technical leads, cyber operations center managers, firewall engineers, and compliance management consultants.
Responsibilities:
- Client Support and Relationship Management: Provide expert cybersecurity guidance to clients, building trust and fostering partnerships to address their unique cybersecurity needs
- Collaboration with Stakeholders: Engage in discussions and meetings with senior executives, Information System Managers, and Cybersecurity Specialists within MAD Security and externally
- Objective Alignment: Contribute to achieving company goals monthly, quarterly, and annually
- Collaborate with all SOC experts to monitor, identify, and make notifications on cybersecurity matters to provide a holistic and seamless cybersecurity experience for the client
- Analyze, triage, aggregate, escalate, and report on client security events, including investigation of anomalous and malicious activity
- Perform correlation and trend analysis of security logs, network traffic, security alerts, events, and incidents
- Continuously work to improve SOC technologies to minimize false positives and maximize detection and prevention effectiveness
- Develop and track key performance indicators (KPIs) related to SOC operations to benchmark and further enhance capabilities
- Develop comprehensive and accurate reports and presentations for technical and executive audiences
- Design and conduct proof-of-concept tests to replicate third-party findings and propose solutions to resolve discovered security issues
- Communicate regularly with the team and with clients to proactively address concerns
Qualifications:
- U.S. Citizenship is required by federal law
- Bachelor's degree in the following areas of study is preferred: Information Technology, Information Security/Assurance, Computer Science, or an equivalent combination of education and experience (Master's degree is a plus)
- 5 years of experience in IT Security and/or Information Technology
- Industry-recognized professional certifications such as CISSP, CASP, GCIH, GCFA, GNFA, GREM
- Extensive expertise in SOC operations, incident response, threat hunting, and vulnerability management required
- Experience working in a Security Operations Center in an enterprise or managed services provider environment
- Experience in an incident response, forensics, threat hunting, or incident investigation role in large-scale environments
- Experience with industry security tooling in SIEM/SOAR platforms
- Experience with Fortinet, AT&T AlienVault, Avanan, Preveil, Bricata, or Elastic is a plus
- Strong understanding of security operations technologies, including SIEM and orchestration
- Ability to tune correlation rules and outcomes via security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms
- Demonstrable working knowledge of emerging technologies and tactics used within a SOC or IR team and how they are applied to improve efficiency and effectiveness