Role Description The selected candidate works within the Security Operations Center to improve, tune, and enhance security alerts, responses, and remediation of detected issues. The engineer will also work within the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and incident response capabilities. - Serves as the regional point of contact for security escalations/requests and escalates requests to Security architecture as needed. - Responsible for the identification and assessment of enterprise risks. - Identifies, evaluates, and tests appropriate security products, tools, and systems to ensure alignment with the CushWake global security posture. - Articulates security policies, guidelines, and standards to customers and developers. - Works independently within an established framework. - Develops techniques and procedures for conducting IS and cyber security risk assessments and compliance audits. - Implements IS and cyber security policies and takes measures against intrusion, frauds, attacks, or leaks. - Continues to build knowledge of the organization, processes, and customers. - Partners with Security Architecture on critical scope delivery. - Reviews security INC(s) to ensure proper processes have been followed and to identify additional IoA(s)/IoC(s). - Performs proactive threat hunting using hypothesis and telemetry from endpoints, identities, cloud, and network. - Serves as the security stakeholder for IR/MIM activities until Security Architecture and/or senior leadership can engage. Qualifications - Junior or Senior pursuing a Bachelor’s or Master’s degree in Computer Science, Engineering, Information Systems, Cybersecurity, or a related degree. - Experience in the security domain with exposure to tools such as CrowdStrike, ZScaler, Palo Alto, Mimecast, MS Defender is a plus. - Highly skilled and knowledgeable within the Microsoft environment and toolset. - Energetic and a quick learner. - Good communication skills with a positive attitude. - A willingness to learn new technology. - Experienced in incident response lifecycle and SLAs. - Any Security Certification is an added advantage. Requirements - Experience responding to security incidents in enterprise environments, with a deep understanding of the Incident Response cycle. - Deep understanding of Cybersecurity concepts, principles, and best practices. - Knowledge of Security frameworks and standards (e.g., NIST). - Comprehensive understanding of technical architectures including networking, application and system architecture, web technology, and common internet and ICS protocols. - Knowledge of Windows and MAC operating systems and their security features. - Understanding compliance requirements. - Experience with administrating or architecting solutions in: - Zscaler - CrowdStrike - Mimecast - Wiz - MS Defender - Emphasis on Identity, setting up and analyzing Conditional Access Policies. - Experienced operating as an administrator across security platforms and executing changes per the Security Architecture group's design. - Direct long-term tracking and analysis of Advanced Persistent Threat (APT) actors, including TTPs, infrastructure, and campaign evolution. - Guide the implementation of threat hunting methodologies using SIEM, EDR, and advanced telemetry. - Sponsor and oversee the use of statistical, spatial, and qualitative threat modeling. - Expert level understanding of standard risk classification schemes including CVSS. - Strong organization skills and effective communication on risk with experience presenting to an executive audience. - Mastery of cybersecurity core concepts & terminology, including the vulnerability management lifecycle. - Composure and clear thinking during high-pressure situations. - Capable of performing technical and business risk analysis on cybersecurity issues. - Ability to analyze problems, ask questions, and come up with potential solutions within the confines of our security standards. - Ability to work in multiple areas but track through issue resolution. Benefits - Health, vision, and dental insurance. - Flexible spending accounts. - Health savings accounts. - Retirement savings plans. - Life and disability insurance programs. - Paid and unpaid time away from work. - Competitive pay, which may vary depending on eligibility factors such as geographic location, date of hire, total hours worked, job type, business line, and applicability of collective bargaining agreements.