Cyber Security Engineer

Responsibilities:

• Provide administration and operational support for endpoint security technology covering EDR (Endpoint Detection and Response), Anti-virus & DLP solutions
• Follow release management processes and best practices for deployment, enhancements and upgrades.
• Provide Subject Matter Expertise and demonstrate in-depth understanding of the TTPs (Tactics, Techniques and Procedures) used by threat actors against endpoints. Leverage EDR, Next-Gen AV and other security controls to protect systems against internal and external threats.
• Work closely with Security operations center and other security groups during investigations.
• Demonstrate mastery in log file analysis, fault isolation and diagnostic/assessment actions including root cause analysis, followed by the determination and self-directed execution of corrective actions.
• Employ and leverage APIs when applicable to aggregate & enhance data to safeguard systems.
• Drive automation efforts to continuously monitor and maintain security posture of operating systems.
• Stay current on endpoint security best practices, active threats and mitigation strategies.
• Draft & execute the strategy to enhance the investments in current technologies and drive continuous innovation with new ideas to improve and mature endpoint security posture.
• Aggregate data across disparate platforms to design and develop alerting.
• Maintain metrics and supporting analytics on System and endpoint Security.
• Manage a portfolio of application-related projects and directly manage select projects within that portfolio.

Qualifications:

• 5+ years of demonstrable and hands experience with endpoint security technologies
• Hands on experience with EDR technologies is a MUST for this position.
• Demonstrated in-depth understanding of operating system (OS) internals, the mechanics of OS exploits with preventive and detective controls
• Demonstrated experience in investigating security incidents with ability to analyze logs to uncover details of the compromise, systems involved, threat techniques etc.
• Experience with scripting like Python, PowerShell etc., is highly preferred
• Knowledge of Splunk search language is preferred.
• Experience in creating trending, metrics, and management reports
• Strong interpersonal & communication skills working with remote peers over IM, phone & video.
• Experience working within the Financial Services Industry preferred
• Demonstrated ability to provide technical direction to other peer staff members, and to train new junior staff members on the security team
• Ability to elicit confidence and build rapport across multiple disciplines.
• Self-motivated; able to learn on own initiative
• Strong skills in organizing workflow, ideas & materials
• Excellent documentation skills
• Security certifications like Ethical Hacking or other specialized endpoint security certifications are preferred
• S in Technology or Related area (proven experience can be used as a substitute).