Cyber Security Engineer

Emp Type: W2 or 1099........ (No C2C)

Visa: H1B, H4EAD, GCEAD, L2, Green Card, US Citizens (Only USA Applicants)

Workplace and Type : Peoria- Hybrid / Nashville -Tennessee / Dallas -TX

Position’s Contributions to Work Group:

- They will enable us to retain our current headcount within the CSIRT organization and effectively utilize their available time for product evaluations, automation process improvements, and so forth.

Additionally, our team is planning to take on extra support responsibilities in 2026, which this resource will significantly aid.

Typical task breakdown:

- A typical day for a Threat Protection Team analyst usually revolves around monitoring and responding to security incidents, managing vulnerabilities, and collaborating with team members.

- - **Daily CSIRT Meeting: ** The day often starts with a daily Cyber Security Incident Response Team (CSIRT) meeting. Analysts discuss ongoing incidents,

- share updates on previous cases and prioritize tasks for the day. This is a crucial time for knowledge sharing and aligning on strategies.

- - **ServiceNow Queue Management: ** After the meeting, the analyst checks the ServiceNow queues for any new incidents or requests. This involves

- reviewing tickets related to security alerts, assessing their priority, and assigning them for investigation or resolution.

- - **Vulnerability Remediation: ** The analyst reviews vulnerability reports generated by the CrowdStrike platform. They prioritize vulnerabilities based on risk levels and business impact and begin coordinating with IT and development teams to address critical vulnerabilities.

- - **Incident Investigation: ** Analysts spend a significant part of their afternoon investigating security incidents. This includes analyzing logs, reviewing endpoint data and determining the scope of any breaches or threats.

- - **Documentation and Reporting: ** As the day wraps up, analysts document their findings and actions taken in ServiceNow. They prepare reports for management and ensure that all incidents are properly logged and categorized for future reference.

- - **Follow-up Tasks: ** Before finishing for the day, analysts follow up on any unresolved tickets and ensure communication with relevant stakeholders regarding ongoing remediation efforts.

- Support Caterpillar’s Endpoint Detection &Response (EDR) (including Linux/Ubuntu server), Identity Management, - Vulnerability Management / Attack Surface Visibility / Response Actions environments.

- Promote automation for monitoring and remediation of client health issues, monitoring of EDR Infrastructure, vulnerability remediation, and aligning to Enterprise ITSM change and control procedures.

- Be a liaison between Corporate Cybersecurity, and our business partners to help understand their operations and maintain global security processes, while building collaborative relationships, provides expertise, technical guidance, and security awareness as needed.

Interaction with team:

- Interacting with team lead and some additional support responsibilities.

- 6 teams’ members

Education & Experience Required:

- Degree is a nice to have- weighted a little more*

- 1-3 years experience, someone who is eager to learn and gain experience.

Technical Skills (Required)

- Cloud Services Knowledge / Experience

- Ubuntu Operating System Experience

- Experience with Host Group, Prevention Sensor, and Policy Configuration

- Experience using and/or maintaining commercially available Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR) tools.

- Experience supporting Kernel level security solutions.

- Exposure to SQL, PowerShell or Python Scripting, Command Line Interfaces

- OS Administration: Windows, MacOS (command line, services, data manipulation, installation, and system operation)

- Experience with Windows/macOS Frameworks and events relevant to security.

- Remote Administration Tools

- Help Desk/Break Fix/Desktop Support Experience

- Installing/Removing/troubleshooting MSI packages

- ServiceNow Experience

- Automation Solutioning ; Experience

- Technical Certifications: SANS, CompTIA, or MS Certs

Soft Skills (Required)

- General understanding of business operations and IT/Technology processes

- Adaptability to work in a varied, fast paced, ever changing global environment.

- Ability to participate in 24x7 On-Call rotations.

- Team player – able to communicate, collaborate, and work effectively in a regionally distributed team.

- Experience in maintaining system documentation in an enterprise tool (ie SharePoint, OneNote, etc) for group dissemination.

Disqualifiers/Red Flags:

- Choppy tenure

- If candidate cannot work hybrid work model

- If candidate don’t have 2 yrs of Exp on below skills.

• Experience using and/or maintaining commercially available Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR) tools.

• Experience with Host Group, Prevention Sensor, and Policy Configuration

• Exposure to SQL, PowerShell or Python Scripting, Command Line Interfaces

Please share your resume and contact details to krithik_r@surgetechinc.com/ sahithi_s@surgetechinc.com or can call on 832-990-6448