Sr. Cybersecurity Operation Engineer (remote) Job at Digitalware, Inc. – United States Remote

Cybersecurity Jobs in United States Remote, USA – Apply for Sr. Cybersecurity Operation Engineer (remote) Job at Digitalware, Inc. – United States Remote. See the job description, requirements, and the link to apply.

DIGITALWARE, INC. OVERVIEW

Digitalware is a professional consulting and managed security services company providing robust solutions based on a security first architecture. Headquartered in New York City, Digitalware has offices in Boston, Philadelphia and Menlo Park, California.

Founded by leading experts with decades of experience in Cyber Security, Network Design, System Integration, Implementation and Support, Digitalware has one fundamental principle – before a “thing” is connected IT must be secure!

Digitalware assesses each client’s security risks and challenges and builds customized managed services solutions to safeguard their data, networks and connected devices, making them fully protected from security breaches of any kind.

POSITION SUMMARY:

Digitalware is seeking an enthusiastic and motivated individual to provide Managed Cyber Security Services to our valued customers. As a key member of the Fusion Center team, you will be part of an integral and elite group that is dedicated to protecting system resources from cyber-attacks and other online threats that could have devastating consequences for millions of end users.

Successful candidates will demonstrate foundational Network Security and System Administration with advanced understanding across Endpoint Protection, Threat and Vulnerability Management, Security Automation, and Security Analysis.

RESPONSIBILITIES:

• Provide client-facing support of Digitalware managed services, including adherence and development of processes and operational frameworks.
• Integrate, deploy, on-board and manage endpoint defense and attack surface managed customers.
• Maintain managed technologies based on individual policies and requirements.
• Analyze security event data from network and endpoint environments, peer analysts, customer platforms, and other security sources.
• Troubleshoot systems, integrations, and technologies to ensure availability of security systems and services.
• Assist customers with vulnerability scanning, management, and remediation guidance.
• Review procedures relating to Cyber threat intelligence, monitoring, incident response, attack surface reduction, and design automated actions to accelerate the triage, validation, eradication, and remediation of security incidents.
• Leverage expertise in leading security operations tools and industry standard scripting languages to effectively write playbooks in security orchestration, automation, and response.
• Create, maintain, and manage a library of automated playbooks for common information security threats and customize these plans for client specific environments.
• Actively identity areas of improvement within the processes of the Security Operations Center and Cyber Incident Response Team with the goal of decreasing response times, increasing effectiveness, and eliminating waste, and streamlining security operations.
• Integrate new security platform functionality with existing systems and automated processes as threats and controls evolve.
• Develop tools and automated tests for improving Fusion Center operations.
• Create well documented and clearly articulated code, process, and service documentation.
• Design and implement solutions that enhances the security posture of tools across multiple platforms.
• Perform health checks and optimization activities on relevant security technologies or systems.
• Determine information security risk and facilitate remediation actions of identified vulnerabilities and security risk across the enterprise.
• Assist with training junior operations engineering staff.
• Other, as needed.

MINIMUM QUALIFICATIONS

• 6+ years of IT experience.
• 4+ years of Cyber Security experience.
• 3+ years managing security endpoints.
• 3+ years of experience with endpoint security tools (CrowdStrike, Carbon Black, SentinelOne, McAfee MVISION and ENS, Microsoft ATP, etc.)
• 3+ years of experience with vulnerability management tools (Nessus, Nexpose/InsightVM, Qualys)
• 3+ years of experience with Windows AD administration
• 3+ years of experience with SIEM management and tuning in one or more of the following: Splunk, Azure Sentinel, Elastic SIEM, Chronical, or Devo.
• Experience with Windows patch management tools (SCCM, SolarWinds, GFI Languard, etc.) a plus.
• Experience migrating and upgrading endpoint security solutions.
• Advanced operating systems experience, in 2 or more of the following, Microsoft, MacOS, Linux.
• General network security and troubleshooting knowledge.
• Advanced scripting knowledge preferred in any of the following: PowerShell, Python, Bash.
• Passionate about emerging threats and security tools/technologies.
• Malware and Threat analysis.
• Incident Management.
• Certifications a plus: CEH, CRISC, CISA, CGEIT, CISSP, CIPP, GMON, GHIA, GCIH.
• Bachelor’s Degree (Math, CS, and Engineering) preferred.
• Able to work under general to minimal supervision.

COMPENSATION/BENEFITS

Digitalware offers a competitive compensation and benefits package, including health, vision, dental, disability, life insurance, commuter benefits and 401(k) plan, as well as a customized talent roadmap which provides you with the training and certifications you need to succeed and grow.