Cyber Security Engineer - XSOAR

San Antonio, TX, United States

Applications have closed

Company Description

Spry Squared is a Minority and Woman Owned Small Business headquartered in Denver, Colorado with offices across the United States of America. We are an experienced federal government and commercial service provider with security cleared personnel working on various projects across the USA and the globe.

Spry Squared provides organizations with Best in Class Enterprise Solutions, Managed IT Services, Cybersecurity Solutions, IT Professional Services, Recruiting Services, Project/Program Management and technology products. We are your strategic partner and value-added reseller, solving complex business challenges by leveraging technology solutions that reduce costs, optimize productivity and minimize risk.

Job Description

An immediate opening for a motivated Cyber Security Engineer.

Our client is seeking a solid Cyber Security Engineer to be part of a team implementing Cortex™ XSOAR.  Cortex™ XSOAR (formerly known as Demisto) is a comprehensive security orchestration, automation and response (SOAR) platform that unifies case management, automation, real-time collaboration and threat intel management to serve security teams across the incident lifecycle.

As a key part of the team, your responsibilities will be:

  • Assisting the team with building playbooks, creating documentation, and operationalizing the XSOAR platform.
  • Supporting enterprise incident response efforts.
  • Employing automation of advanced forensic tools and techniques for attack reconstruction and intelligence gathering.
  • Applying analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits.
  • Collaborating using information and knowledge sharing networks and professional relationships to achieve common goals.
  • Providing on-call support for incident response efforts outside of core hours, as required.

Qualifications

REQUIRED QUALIFICATIONS

  • Requires up to 25% ONSITE with remainder working remotely. 
  • MUST HAVE an active SECRET Clearance.
  • BS Degree and 3+ years relevant experience in cyber security or network defense, or 3+ years’ experience with relevant certifications (CISSP, SANS GIAC, CEH, etc.).
  • Experience and familiarity with IDS/IPS, SIEM, Splunk and endpoint solutions.
  • Experience supporting and contributing to incident response activities. 
  • Solid understanding of operating systems and network protocols.
  • Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line.

PREFERRED QUALIFICATIONS

  • Experience with cyber security engineering automation and orchestration platforms (XSOAR, formerly known as Demisto; Chronicle; Siemplify; Swimlane; Phantom).
  • Exposure to behavior-based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
  • Experience with Splunk or other SIEM-type platforms.
  • Experience in conventional network/host-based intrusion analysis, digital forensics, or malware analysis.
  • Knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques.

Additional Information

    All your information will be kept confidential according to EEO guidelines.

    Salary:  $100,000 - $130,000 Depending on Experience

    Tags: Automation CEH CISSP Clearance CND Cyber Kill Chain Exploits Forensics GIAC IDS Incident response IPS Linux Malware SANS SIEM SOAR Splunk UNIX Vulnerabilities Windows

    Perks/benefits: Team events

    Region: North America
    Country: United States