Sr. Information Security Engineer REMOTE

Remote - Austin, Texas, United States

Full Time Contract Mid-level / Intermediate
Regatta Solutions Group, Inc logo
Regatta Solutions Group, Inc
Regatta Solutions Group implements custom solutions designed to meet your specific Identity & Access Governance (IAG) and business objectives.
Apply now Apply later

Regatta Solutions Inc. is looking for a Sr. Information Security Engineer. This position will be based in Austin, TX. The Candidate will be responsible for leading Incident Response, administration, maintenance, and integration of multiple security platforms for security operations. Responsible for technical analysis, assessment and recommendations in the areas of real-time security situational awareness, operational network & Identity management system and applications systems security monitoring.

Roles and Responsibility

  • Lead security incident response in a cross-functional collaboration environment driving towards incident resolution
  • Develop IR initiatives that improve our capabilities to respond and remediate security events faster
  • Perform forensic analysis of digital information
  • Validating the ingestion of log sources and maintaining the flow of required logs to the SIEM
  • Contributing to the configuration and maintenance of security operations controls such as antivirus, application whitelisting, Host Intrusion Detection Systems (HIDS), Network Intrusion Detection Systems (NIDS), and Security Information and Event Management (SIEM) and Security Orchestration and Automation Platforms • Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify and investigate potential threats
  • Build automation for identification, response, and remediation of malicious activity
  • Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
  • Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
  • Work with Computer Security Incident Response Team (CSIRT) to manage & contain information security incidents and events to protect company IT assets, Intellectual Property, and company's reputation
  • Respond to advisory service requests to address and drive thru for closure as needed.
  • Perform technical research into advanced, targeted attacks, crimeware campaigns, malware and other emerging technologies and techniques to identify and report on cyber-attacks and attackers
  • Perform proactive research to identify, categorize and produce reports on new and existing threats
  • Supply actionable recommendations to other teams within Applied Materials, to bolster cyber security efforts
  • Display strong technical aptitude with: IT Security, Enterprise Firewalls, Intrusion Detection and Prevention, Antivirus, Web and Email Security, Server and application monitoring, Windows and Linux based Web Services Skills

Requirements

  • Bachelor's degree or equivalent experience in Security
  • Knowledge of networking technologies, specifically TCP/IP and the related protocols
  • Knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux
  • Experience with an interpreted programming language (PHP, Python, Perl, Ruby, etc.)
  • Experience with attacker tactics, techniques and procedures
  • 10+ years of experience in cyber security
  • Strong problem-solving and analytical skills, initiative, eagerness to learn, improve, and ability to work independently within a team structure
  • Background in malware analysis, intrusion detection, and/or threat intelligence
  • Experience “threat hunting”, i.e. using threat intel to proactively and iteratively investigates these potential risks and finding suspicious behavior in the network
  • Experience in host and memory forensics (including live response) for Windows, OSX, and/or Linux
  • Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as: Logs and events processing, Incident Management, Detection and/or response tool development
  • Previous experience in a Security Operations Center (SOC) & MITRE Framework
  • Experience analyzing network and host-based security events

Preferred certifications CISSP, CCSP, GSEC, ISSAP, GCIH

THIS IS A REMOTE ROLE

Job perks/benefits: Team events
Job region(s): Remote/Anywhere North America
Job stats:  17  1  0
  • Share this job via
  • or

Explore more Information Security career opportunities