Cyber Security Engineer

Role: Cyber Cloud Monitoring Security

Location: Wilmington, DE or Atlanta, GA

Type: Long term Contract

Job Summary

• Perform investigation and escalation for complex or high severity security threats or incidents and handles and analyze security issues/threats in Azure cloud.
• Acting as an escalation point for Tier I analysts and further analyzing events of interest
• Ensures that all identified events are promptly validated and thoroughly investigated
• Collaborates with technical teams to identify, resolve, and mitigate events
• Provides advice and guidance on the response action plans for information risk events and incidents based on incident type and severity
• Assists with containment of threats and remediation of environment during or after an incident
• Work with SIEM Engineering and other security partners developing and refining correlation rules
• Regularly develop new and interesting use cases for future SIEM logic
• Administer and configure security tools and sensors to alert on certain risk conditions
• Participate in cyber threat hunts in support of the global cyber operations function
• Assist with forensics investigations.
• Participate in the creation, modification and maintenance of all Cyber Monitoring policies and procedures
• Keep abreast of cyber security trends and the emerging threat landscape in general and as it relates to BlackRock
• Deliver timely and detailed documentation related to any incident including the findings, review and follow-up activities
• Follow documented processes and procedures is critical.

Technical Skills:

• Perform investigation and escalation for complex or high severity security threats or incidents and handles and analyze security issues/threats in Azure cloud.
• Acting as an escalation point for Tier I analysts and further analyzing events of interest
• Ensures that all identified events are promptly validated and thoroughly investigated
• Collaborates with technical teams to identify, resolve, and mitigate events
• Provides advice and guidance on the response action plans for information risk events and incidents based on incident type and severity
• Assists with containment of threats and remediation of environment during or after an incident
• Work with SIEM Engineering and other security partners developing and refining correlation rules
• Regularly develop new and interesting use cases for future SIEM logic
• Administer and configure security tools and sensors to alert on certain risk conditions
• Participate in cyber threat hunts in support of the global cyber operations function
• Assist with forensics investigations.
• Participate in the creation, modification and maintenance of all Cyber Monitoring policies and procedures
• Keep abreast of cyber security trends and the emerging threat landscape in general and as it relates to the customer
• Deliver timely and detailed documentation related to any incident including the findings, review and follow-up activities
• Follow documented processes and procedures is critical.
• Capable of analyzing requirements and manage\troubleshoot as per project defined process
• Customer escalation handling
• ITIL trained / certified Process
• Ready to Support flexible hours