Cyber Security Engineer - XSOAR
San Antonio, TX, United States
Applications have closed
Spry Squared, Inc.
Company Description
Spry Squared is a Minority and Woman Owned Small Business headquartered in Denver, Colorado with offices across the United States of America. We are an experienced federal government and commercial service provider with security cleared personnel working on various projects across the USA and the globe.
Spry Squared provides organizations with Best in Class Enterprise Solutions, Managed IT Services, Cybersecurity Solutions, IT Professional Services, Recruiting Services, Project/Program Management and technology products. We are your strategic partner and value-added reseller, solving complex business challenges by leveraging technology solutions that reduce costs, optimize productivity and minimize risk.
Job Description
An immediate opening for a motivated Cyber Security Engineer.
Our client is seeking a solid Cyber Security Engineer to be part of a team implementing Cortex™ XSOAR. Cortex™ XSOAR (formerly known as Demisto) is a comprehensive security orchestration, automation and response (SOAR) platform that unifies case management, automation, real-time collaboration and threat intel management to serve security teams across the incident lifecycle.
As a key part of the team, your responsibilities will be:
- Assisting the team with building playbooks, creating documentation, and operationalizing the XSOAR platform.
- Supporting enterprise incident response efforts.
- Employing automation of advanced forensic tools and techniques for attack reconstruction and intelligence gathering.
- Applying analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits.
- Collaborating using information and knowledge sharing networks and professional relationships to achieve common goals.
- Providing on-call support for incident response efforts outside of core hours, as required.
Qualifications
REQUIRED QUALIFICATIONS
- Requires up to 25% ONSITE with remainder working remotely.
- MUST HAVE an active SECRET Clearance.
- BS Degree and 3+ years relevant experience in cyber security or network defense, or 3+ years’ experience with relevant certifications (CISSP, SANS GIAC, CEH, etc.).
- Experience and familiarity with IDS/IPS, SIEM, Splunk and endpoint solutions.
- Experience supporting and contributing to incident response activities.
- Solid understanding of operating systems and network protocols.
- Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line.
PREFERRED QUALIFICATIONS
- Experience in cyber security engineering automation and orchestration platforms (XSOAR, formerly known as Demisto; Chronicle; Siemplify; Swimlane; Phantom).
- Exposure to behavioral-based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
- Experience with Splunk or other SIEM-type platforms.
- Experience in conventional network/host-based intrusion analysis, digital forensics, or malware analysis.
- Knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques.
Additional Information
All your information will be kept confidential according to EEO guidelines.
Salary: $100,000 - $130,000 Depending on Experience
Tags: Automation CEH CISSP Clearance CND Cyber Kill Chain Exploits Forensics GIAC IDS Incident response IPS Linux Malware SANS SIEM SOAR Splunk UNIX Vulnerabilities Windows
Perks/benefits: Team events