Cybersecurity Engineer w/ Splunk (GIAC Required)
Job Description
Strategic Staffing Solutions is offering a hybrid, contract cybersecurity engineering role within the Advanced Operational Services (AOS) Threat Disruptions team. This position supports remote work with on-site options in Charlotte, NC; Chandler, AZ; or McLean, VA. The hourly rate is USD 75 - 80, and GIAC certification is required.
Responsibilities
- Review and correlate security logs
- Play a major role in phishing disruption efforts, including the creation of new logic and procedures to identify phishing attacks impacting customers and employees
- Lead or participate in computer security incident response activities for moderately complex events
- Conduct technical investigations of security-related incidents and post-incident digital forensics to identify causes and recommend future mitigation strategies
- Provide security consulting on projects for internal clients to ensure conformity with corporate information security policy and standards
- Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
- Utilize subject matter knowledge in industry leading security solutions and best practices to implement components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
- Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
- Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
Requirements
- 4+ years of Information Security Engineering experience, or equivalent demonstrated through work experience, training, military experience, or education
Technologies
- Splunk
- SIEM
- IDS/IPS
- YARA
- Regular expressions
Desired qualifications
- Advanced technical skills in information security
- Experience detecting and mitigating phishing attacks directed at employees and the company brand
- Experience creating regular expressions and YARA rules
- Ability to manage complex issues and develop solutions
- Experience across information security monitoring, incident response, vulnerability management, host/network forensics, cyber-crime investigations, DMARC, or cyber threat intelligence
- Ability to operate in a fast-paced, high-demand environment while balancing multiple priorities
- GIAC certification or equivalent in information security
- Hands-on experience with enterprise security tools such as SIEM, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
- Experience with host and/or network log analysis as applied to incident response or threat hunting
- Knowledge of offensive security and the ability to think like an attacker during hunting and response
- Strong experience in operating system and application security hardening and best practices
- Strong investigative mindset with attention to detail
- Advanced problem-solving skills and the ability to develop durable solutions to complex problems