Overview:
The Cyber Team Engineer will be responsible for all security-related tasks within the organization, including privileged access management, monitoring security logs for alerts, reviewing Common Vulnerabilities and Exposures (CVEs), and ensuring proper security incident control procedures are followed. This role requires experience with monitoring tools, Splunk as a power user, syslog, Windows Event Log, rsyslog, privileged access management (PAM) systems such as BeyondTrust and CyberArk, and role-based access control (RBAC) systems such as ClearPass Policy Manager (CPPM) and Cisco Identity Services Engine (ISE).
Responsibilities:
Manage and maintain privileged access management systems to ensure secure access control.
Review security logs and alerts to identify and respond to potential security incidents.
Stay abreast of CVEs and security threats to assess their impact on the organization's systems.
Implement and oversee security incident control measures to mitigate risks and protect sensitive data.
Collaborate with the cybersecurity team and IT departments to address security concerns and implement best practices.
Draft reports and documentation on security incidents, vulnerabilities, and risk assessments.
Provide recommendations for improving security measures and enhancing the organization's cybersecurity posture.
Qualifications:
Minimum of 3 years of experience in a cybersecurity or security-related role.
Proficiency in monitoring tools such as SolarWinds, eG, and Splunk.
Familiarity with syslog, Windows Event Log, rsyslog, and other logging technologies.
Experience with privileged access management (PAM) and role-based access control (RBAC) systems such as BeyondTrust, CyberArk, CPPM, and ISE.
Strong verbal and written communication skills for clear and effective interaction with team members and stakeholders.
Deliverables:
Properly managed privileged access control and monitoring systems for enhanced security.
Timely review of security logs and alerts to detect and respond to security incidents.
Regular review of CVEs and implementation of security incident control measures.
Detailed reports and documentation on security incidents, vulnerabilities, and risk assessments.
Collaborative work with the cybersecurity team to enhance security measures and mitigate risks.
Timeline:
This scope of work is for an ongoing position with regular security-related responsibilities. The Cyber Team Engineer will be expected to work during regular business hours and participate in on-call rotations for security incidents.
EA License No. - 14C6941