Cyber Security Engineer

09 Aug 2024

Vacancy expired!

Title: Cyber Security Engineer
Type: Direct Hire
Location: Westminster, CO - The role requires onsite or hybrid scheduling in the Denver, CO location
Location Note: Both local and non-local candidates are encouraged.
Schedule Note: This position will also have a responsibility to be working with an ON-CALL rotation with the Global team. International travel could also be involved for events and Global team meetings.
Bonus: Position is eligible for bonus.
Interview Process:
  1 - Candidates will meet with the Manager in a Google Meet video call.
  2 - Will meet with Team Leads or Technical Leads.
  3 - Will also meet with other team members in final interviews.
Interview Note: There may be as many as 3 to 4 interviews.
Manager Note: I currently manage a global team that supports Global SOC. We need a US-based resource to cover North America-based businesses for our client. The person we are looking for should have experience with SOC operations and monitoring and analysis of cybersecurity events. Candidates should have an ability to support cybersecurity events as well as being comfortable managing the escalation process and ensuring that appropriate business and IT management teams are engaged and kept updated.
Key to the Role:

  • Security Operations Center (SOC) environment experience with at least 8 years of IT to include 2+ years of experience detecting and responding to cyber intrusions in an Operations Technology environment
  • Proven ability to manage issue resolution processes through the full lifecycle, including communication to senior IT and business executives
  • Best Fit candidates should have an interest in advancing their career to SOC management roles

Position Description: Client's Cyber Security operations is seeking a Cyber Security Engineer who provides dedicated “eyes on glass” monitoring and analysis capability for SOC operations and Incident Response. The Cyber Security Engineer will conduct analysis of security events, including validation, investigation, escalation and reporting of events of interest based on the guidelines and event handlers provided to them. The Cyber Security Engineer will be responsible for all such events of interest and will make sure they are continuously monitored and reviewed.

Key Responsibilities:
  • Monitoring and analysis of cybersecurity events
  • Fully operate the incident response process from cradle to grave
  • Conducting incident response within a major public cloud (i.e. AWS, Google Cloud Platform, Azure)
  • Excellent understanding of Windows and Linux OS internals
  • Excellent knowledge of protocols like HTTP, HTTPS, TCP/IP, WebSocket, SSH, SFTP, RDP, etc.
  • Good understanding of the industry models such as the Cyber Kill Chains, Diamond Model and MITRE ATT&CK framework
  • Practical hands-on experience analyzing Windows & Linux artifacts produced from digital forensics and incident response
  • Good understanding of cyber threat landscape, TTPs, threat actors and groups
  • Proficiency with the following tools:
    o EDR
    o Anti-Virus / NGAV
    o HIPS, ID/PS, DLP, WAF
    o Host forensics - SIFT, Magnet Axiom or other host forensic tool sets
    o Network forensics - Security Onion, Suricata, Zeek (Bro), SOF-ELK or other tool set
    o Memory forensics - Volatility, Rekall
  • Communicate new ideas or suggestions for analysis/process improvement
  • Deep understanding of logging mechanisms of the Windows and Linux platforms
  • Participate in a 24x7 (On-Call) coverage model to prevent and remediate security threats
  • Knowing how to script in languages such as Python, PowerShell, Bash to build incident response workflows and automation is a plus
  • Experience with SIEM technologies (Splunk, etc.), threat hunting, monitoring and investigations
  • Have excellent written and verbal communication skills
  • Possess good technical understanding, takes initiative to remain up to date with cyber security skills, and fosters an attitude of continual learning/adapting
  • Possess the ability to adjust and adapt to changing priorities in a dynamic environment
  • Ability to work with minimum guidance.

Experience:
  • Security Operations Center (SOC) environment experience with at least 8 years of IT to include 2+ years of experience detecting and responding to cyber intrusions in an Operations Technology environment
  • Bachelor’s degree or equivalent combination of education and 10 years of experience in computer science, computer engineering, mathematics or related field

Desirable certifications include: SANS GIAC GCED, GCIH, GCFA, GREM, GIAC GOLD; ISC CCFP, CSIH; EC Council ECSA, CHFI, ECIH

  • ID: #44720008
  • State: Colorado Westminster 80030 Westminster USA
  • City: Westminster
  • Salary: Depends on Experience
  • Job type: Permanent
  • Showed: 2022-08-09
  • Deadline: 2022-10-02
  • Category: Et cetera