Location: Pittsburgh, PA
Job Type: Full Time / Permanent
The Security Engineer will provide technical support on the team responsible for information security response and security monitoring, and will support audit/compliance and cyber forensic activities for the company. The successful candidate will have extensive knowledge and experience with SIEMs, security operations processes, incident response, event analysis, threat intelligence, and security skills development.
Additionally, this position is required to provide appropriate access to, and protect the confidentiality and integrity of, customer, employee, and business information in compliance with organization policies and standards. This role serves as an internal information security consultant to the organization and requires security systems administration, network administration, and application security skills as well as project management experience.
- Work as part of a team of Information Security professionals supporting the enterprise
- Assist with engineering security tooling and compensating controls for our corporate and public-facing systems
- Triage and respond to concurrent security incidents
- Escalate issues to senior staff/management as required
- Document incident results and report details to the security organization
- Respond to internal customers', partners', and auditors' requests for information regarding the corporate security event management capabilities
- Document existing and new processes and mature existing documentation
- Research, analyze and understand log sources (such as firewalls, Cloud platforms, EDR solutions, secure mail gateways, and operating systems)
- Assist and participate with security incident management processes
- Ensure proper metrics, analysis, and reporting for continuous process improvement
Education & Experience:
- Bachelor’s Degree or Equivalent Work Experience
- 2-5 Years
- GCIH certifications desired
- Experience in the administration of multiple operating systems
- Must understand the potential types of attack and protection/mitigation for digital online client-facing systems (such as OWASP Top 10, Bot Mitigation, WAF configuration, password policies, etc.)
- Ability to utilize scripting and developer skill sets for automation
- Must possess a solid understanding of application security standards, frameworks, attack methods, and mitigation best practices (e.g., OWASP, SANS, NIST)
- Experience in IT security triaging incidents with security and analysis tools such as web application firewall, bot management, and SIEM
- Be capable of partnering with business and IT teammates as a trusted advisor on information security governance, risk, and compliance matters as required
- Experience in scripting languages such as Python, PowerShell, Bash, etc.
- Candidates must have an understanding of incident response methodologies and technologies
- Strong understanding of web attacks including but not limited to XSS, SQL Injection, and command injection; the ability to analyze and differentiate malicious web traffic from legitimate traffic; and knowledge of edge mitigation technologies that protect against application-level attacks such as Bots, ATO, and Credential Stuffing targeting both desktop and mobile applications
- Strong understanding of cloud technologies
- Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with associates
- Research and analytical background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
- Candidate must be able to react quickly, decisively, and deliberately in high stress situations
- Highly motivated individual with the ability to self-start, prioritize, and multi-task
- Will be required to support the day-to-day operations of security controls within the following areas: whitelisting, mobile security, web filtering, Windows, VMware, compliance monitoring and application reviews