Cyber Security Engineer (On-Site)
Middlesex Savings Bank
Westborough, United States of America
3 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
SeniorJob location
Westborough, United States of America
Tech stack
Software System Penetration Testing
Network Operating System (NOS)
Computer Security
Information Systems
Computer Networks
Linux
DNS
Intrusion Detection Systems
Information Systems Security Architecture Professional
Log Analysis
Microsoft Software
Network Architecture
Remote Access Technology
Security Information and Event Management
Software Vulnerability Management
Enterprise Software Applications
Software Security
Firewalls (Computer Science)
Information Technology
Cybercrime
Patch Management
Vulnerability Analysis
Job description
- Threat Hunting, Monitoring, Detection, and Response:
- Monitor security alerts and dashboards (SIEM, Vulnerability Management, , etc.) for suspicious activity.
- Triage and respond to security incidents. Escalate to senior analysts or the incident response team when necessary.
- Investigate and document security observations/incidents, ensuring resolution.
- Analyze logs, network traffic, and endpoint activity for signs for malicious behavior.
- Perform regular vulnerability assessments and prioritize risk within the network, system, and applications.
- Create formal incidents and support the investigation of such incidents.
- Conduct Security Assessments: Perform regular security audits, vulnerability assessments, and penetration testing to identify and mitigate potential risks.
- Correlate telemetry data from security systems to identity cyber threats, risk patterns, and control weaknesses.
- System & Security Application Administration:
- Implementation, secure configuration, and ongoing management of the Bank's security environments and applications. Examples of systems/functions a Cyber Security Engineer may be responsible for are firewall management, IDS/IPS, perimeter security, protective DNS, vulnerability detection/response, secure email and spam protection, application whitelisting, remote access, etc.).
- Server ownership - building, hardening, securing, and ongoing management of assigned server assets.
- Identifying and mitigating vulnerabilities on assigned assets.
- Ensures assigned systems and required data is backed up successfully.
- Ensures adherence to IT security control requirements.
- Security Application ownership
- Effective configuration of application functionality, detection, and mitigation abilities.
- Identifying and mitigating vulnerabilities on assigned applications.
- Review system, application, and security logs across assigned systems to ensure that all are functional and secure.
- Manages and leverages third party vendor relationships as required.
- Participates in the planning and execution of the Business Continuity and Disaster Recovery Plan.
- Ensures assigned systems and applications are prepared for planned or unplanned DR failover.
- Manages and communicates system and applications changes using the change management process.
- Track and understand emerging security practices and threats. Leverage this knowledge to improve security configurations across the enterprise and hunt for potential or active threats.
Requirements
- Bachelor's Degree in computer science, information systems or equivalent work experience is required
Work Experience
- Experience managing and securing Microsoft Windows or Linux is is required
- 5+ years experience supporting security components and applying security best practices across an enterprise application/network infrastructure is required
Knowledge, Skills, and Abilities
- Working knowledge of IT security controls and how to manage their effectiveness.
- Strong understanding of cybersecurity protocols, including intrusion detection systems, firewalls, patch management, and vulnerability management.
- Formal technical training on Microsoft technologies, Network Operating Systems and Internet perimeter components required.
- Working knowledge of CIS Top 18 Controls or alternative security frameworks.
- Certified Information Systems Security Professional (CISSP) desired but not required.
- An ability to perform independent analysis of complex problems and distill relevant findings and root causes
- Must possess excellent analytical, organizational and documentation skills.
- Experience analyzing and interpreting alert notifications from organizations such as FS-ISAC and CERN
Licenses and Certifications
- Industry standard certification required in a technical discipline to include one of the following Network Operating System (Microsoft), or Network infrastructure, or Information Security. Required