Cyber Security Engineer

Stellent IT LLC
San Antonio, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English

Job location

San Antonio, United States of America

Tech stack

API
JIRA
Bash
Ubuntu (Operating System)
CentOS
Complex Networks
Computer Security
System Configuration
Data Sharing
Dynamic Host Configuration Protocol
Linux
DNS
Internet Control Message Protocol
Issue Tracking Systems
Intrusion Detection and Prevention
Java Management Extensions
Network Security
Linux System Administration
NetFlow
Network Monitoring
Routing
Network Management System
Package Management Systems
Performance Tuning
Red Hat Enterprise Linux - RHEL
Security Information and Event Management
Simple Network Management Protocols
TCP/IP
Virtual Local Area Networks
Windows Management Instrumentation
Scripting (Bash/Python/Go/Ruby)
Computer Network Operations
QRadar
GIT
Kafka
CIS Benchmarks
REST
Ddos
Splunk
ServiceNow

Job description

Cybersecurity & Monitoring

  • Configure, maintain, and optimize OpenNMS to monitor network availability, performance, and security-relevant events
  • Develop alerts and thresholds to identify suspicious network behavior, outages, and anomalies
  • Correlate OpenNMS alerts with security incidents and infrastructure changes
  • Support early detection of potential DDoS attacks, network abuse, misconfigurations, and service disruptions
  • Perform root-cause analysis for network and security events

Incident Response & Threat Analysis

  • Assist SOC and Incident Response teams with:
  • Network telemetry analysis
  • Timeline reconstruction using historical performance data
  • Identification of impacted systems and traffic paths
  • Escalate high-risk events and provide actionable intelligence to security leadership

  • Support post-incident reviews and mitigation planning

Integration & Automation

  • Integrate OpenNMS with:
  • SIEM platforms (e.g., Splunk, Elastic, QRadar)
  • Ticketing systems (e.g., ServiceNow, Jira)
  • NetFlow/IPFIX collectors
  • Develop scripts or APIs to automate alerting, reporting, or data sharing

Asset Visibility & Compliance

  • Maintain accurate network asset discovery and inventory
  • Identify unauthorized or misconfigured devices and services
  • Support compliance audits by providing monitoring and availability evidence
  • Contribute to the continuous improvement of network security posture

Requirements

must have one of those certs 100% onsite in San Antonio, TX some kind of incident response, Soc or the like AND MUST HAVE OPENMS (might be OPEN NMS)

EDUCATION LEVEL: Bachelor's degree and 4 years of related experience, or Master's degree with 2 years of related experience. Additional experience, education and training may be considered in lieu of degree.

We have a permanent position for a Information Cyber Security Engineer in San Antonio, TX - 100% onsite. You must have an active SECRET to apply. This role is 2nd shift - Mon thru Fri 2 pm to 10 pm. If interested, SEND RESUME.

We are seeking a Cybersecurity Engineer with strong OpenNMS experience to support enterprise-scale network visibility, threat detection, and infrastructure resilience. This role focuses on using OpenNMS (Horizon or Meridian) as a critical cybersecurity-enabling platform to detect anomalous behavior, support incident response, and enhance situational awareness across complex network environments.

The ideal candidate will have a strong foundation in network security, monitoring, and performance management, and will work closely with Security Operations (SOC), Network Operations (NOC), and Infrastructure teams to detect, analyze, and respond to security-relevant events., * DoD-8570 IAT Level 2 certification (Security+ CE, CCNA Security, GSEC, or SSCP) within 6 months of hire date.

  • Experience in Cybersecurity, Network Engineering, or Network Monitoring.
  • Hands-on experience deploying, scaling administering OpenNMS (Horizon or Meridian)
  • Strong understanding of:
  • TCP/IP, DNS, DHCP, VLANs, routing, and switching
  • SNMP, ICMP, NetFlow, WMI
  • Experience with security concepts including:
  • Network-based attacks (DDoS, scanning, lateral movement)
  • Defense-in-depth architecture
  • Familiarity with Linux systems administration
  • Experience working with SOC/NOC or incident response teams

Tools & Technologies

  • OpenNMS Horizon / Meridian
  • SNMP, NetFlow, IPFIX
  • Linux (RHEL, Ubuntu, CentOS)
  • SIEM platforms (Splunk, Elastic, QRadar)
  • Ticketing systems (ServiceNow, Jira)
  • Git, REST APIs, scripting tools

Soft Skills

  • Strong analytical and troubleshooting skills
  • Ability to communicate technical findings to security and leadership teams
  • Collaborative mindset across SecOps, NetOps, and Infrastructure
  • Attention to detail and proactive problem-solving

DESIRED SKILLS/EXPERIENCE:

  • RHCSA (Red Hat Certified System Administrator) or RHCE (Red Hat Certified Engineer).
  • Advanced CLI troubleshooting, RHEL Linux environments, systems configuration, package management, kernel parameter tuning, firewall management (firewalls/IP tables)
  • Advanced Bash/Python scripting for automation.
  • Configuring data collection (SNMPv3, WMI, JMX)
  • Setting up distributed monitoring using OpenNMS Minions, Kafka integration, and managing thresholds/alarms.
  • Experience integrating OpenNMS with SIEM or SOAR platforms
  • Understanding of security frameworks (NIST CSF, ISO 27001, CIS Controls)

EDUCATION LEVEL: Bachelor's degree and 4 years of related experience, or Master's degree with 2 years of related experience. Additional experience, education and training may be considered in lieu of degree.

Apply for this position