The Cyber Security Engineer will perform real-time and alert monitoring of network tools (IDS, IPS, HID, firewalls) and analyze both raw (management consoles) and processed security event data (SIEM) to identify potential security incidents, threats and vulnerabilities, to help improve log data, and to develop additional use cases for further improving tools and detection. Additionally, assist with research and distribute cyber threat intelligence to protect all Authority networks. Provide information security metrics and key performance indicators (KPIs). Participate in the Incident Response and Security Operations Team.
3-5 years Information Security experience
Security Operations and Incident Response experience required
Experience with SIEM tools such as Splunk, McAfee ESM, LogRhythm is required
Strong technical, troubleshooting and analytical skills required
Experience with Antivirus and Advanced Endpoint Protection a plus
Experience with Web Proxy, MDM, DLP, and NAC a plus
Industry certifications such as CISSP, ECIH, CCIH or GHIA. Experience in lieu of certification will be taken into consideration
Initiative taker and out-of-the-box thinker