Zero Trust Cybersecurity Engineer

Responsibilities

Develop Zero Trust implementation roadmaps

Design and implement technical Zero Trust security solutions

Work to infuse Zero Trust design principles across all pillars in a Zero Trust model (e.g. Users, Devices, Networks, Applications, Data, etc.)

Coordinate with appropriate organizational stakeholders to ensure Zero Trust is implemented broadly, end-to-end across customer environments

Support the design and implementation of the client provided Privileged Access Management (PAM) system (currently CyberArk). Troubleshoot where necessary and install and develop new plug-ins and connectors for PAM solutions. Document technical processes and procedures and provide revisions of support documents as necessary

Support the design and implementation of client selected endpoint security tools (currently Tanium), to include research, analysis, design, implementation, and documentation of new configurations to improve ZT maturity and reduce cyber risk. Troubleshoot where necessary

Develop, design, and maintain dashboards and analytics with client provided tools (currently Tableau) and integrate with existing governance, risk, and compliance (GRC) tools (currently Archer) to collect, refine, and prepare data for analytics and visualization. Manage and utilize the platform to extract meaningful insights. Prepare reports using various visualization and data modeling methods

Provide engineering and administration of the client provided Splunk environment consisting of search heads, indexers, deployers, deployment servers, heavy/universal forwarders, and Splunk Enterprise Security premium app, spanning security, performance, and operational roles. Identify and onboard new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting the key trends in the data. Edit and maintain Splunk configuration files and apps

Develop and implement security policies (aka "rules”) in tools (e.g., Kion) and programming languages (e.g., Python) for cloud-based resources (e.g., Azure and Amazon Web Services (AWS)) to support configuration monitoring and ongoing understanding of risk. Develop integrations necessary to produce dashboards and cyber "heat maps