Azure Cyber Security Engineer
Raleigh, NC
Full Time
Experienced
Summary
The Cyber Security Engineer – Threat Management is responsible for second-level security event/incident response along with the collection, analysis, and dissemination of cyber threat intelligence. These capabilities will include timely collection of advance warning of impending IT vulnerabilities or threats; thorough correlation, analysis, and storage of threat intelligence information; and operational support of the incident response process. They will deliver and sustain the enterprise management strategy and solutions from a governance, process, discipline and technology standpoint, to support enterprise environments and our presence in various cloud instances and on-premises data centers, covering threats / incident response / vulnerability management using CNAPP, CSPM, CWPP solutions. Secondary roles include IPS, EDR, TIP tools, and other information security solutions.
Essential Functions of the Job:
- Profound knowledge and experience in Cloud technology, especially Azure, including design, deployment, and management of cloud security and governance tools
- Experience in Cloud, DevSecOps, Container Security, IAM patterns, WAF/CDN/DDoS services, security and governance tools
- Experience with data protection, cryptography, key management, identity, and access management (IAM), network security within SaaS, IaaS, PaaS, and other cloud environments
- Experienced with usage of orchestration platforms and container runtimes, infrastructure as code and cloud-native or multi-cloud environment (we use Azure)
- Respond to SOC alerts, performing analysis and containment of security events.
- Provide tier II support for escalated security incidents.
- Support the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of attacks.
- Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information, and create intelligence products for other teams to consume using MITRE ATT&CK Framework.
- Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents.
- Integrate appropriate systems and logs into the global threat management platform or Security Event and Incident Management system to properly protect critical assets.
- Maintain an understanding of attacks, vectors and emergent threats.
- Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary.
- Produce weekly and monthly operational metrics.
- Work with vendors and internal customers to respond to escalations.
- Recommends Preventative Security Actions.
- Recommends Corrective Security Actions.
- Comprehension of basic banking systems.
Bachelor’s Degree Preferred but not required in Computer Engineering/Computer Science or related field.
CISSP, GSEC, GCIH, CEH or other security certifications preferred, but not required.
5-10 years minimum working in cyber threat or information security.
Knowledge and Skills Requirements:
- Familiar with compliance regulations such as SOX, PCI-DSS, GLBA, and Federal Banking regulations.
- Proficient with cloud security and monitoring capabilities in Azure
- Proficient with Incident Response in Azure
- Proficient with web application testing and software security reviews.
- Excellent team skills and integrity in a professional environment.
- Ability to map threats and vulnerabilities to MITRE.
- Familiar with STRIDE.
- Familiar with the Open Systems Interconnection (OSI) model.
- Understanding of security technologies: IDS/IPS, firewalls, AV, proxies, EDR.
- Understanding of scripting languages like JavaScript, Perl, etc.
- Understanding of cloud configuration and vulnerability scanning tools.
- Good social, communication and technical writing skills.
Hours: 8am - 5pm (some on-call and after hour work required).
Minimal travel required.
Benefit Highlights
- Medical with wellness incentives, dental, and vision
- HSA with company match
- Maternity and parental leave
- Tuition reimbursement
- Mentor program
- 401(k) with 6% match