LHH

Cyber Security Engineer

LHH, CA, United States


LHH is looking for an experienced Cybersecurity Engineer for a growing client of ours based in Southern California. The Cybersecurity Engineer plays a critical role in protecting organizational assets by leading Computer Security Incident Response and Digital Forensics operations during security incidents. This highly technical position requires deep expertise in handling cyberattacks, malware, intrusion detection, and incident response. The Cybersecurity Engineer will assess and mitigate threats, assemble response teams, and develop new procedures to minimize risk and impact. They will mentor and train a diverse team of SOC analysts, building a world-class incident response and forensics capability. Additionally, the role demands collaboration with cross-functional teams to secure new and existing systems while improving the organization's cybersecurity practices.


Key Responsibilities:


Incident Response and Forensics:

  • Serve as the first responder for cybersecurity incidents, assessing threats and mitigating risks.
  • Lead digital forensic investigations to identify, quantify, and neutralize security threats.
  • Develop and refine incident response processes, procedures, and reporting mechanisms.
  • Act as the primary point of contact for incident escalation and resolution.
  • Monitor, analyze, and improve security operations to reduce response times.

Team Leadership and Training:

  • Mentor and train SOC analysts on security operations concepts, incident response techniques, and forensics.
  • Build a high-performing team of cybersecurity experts to respond to advanced threats.
  • Develop training programs and facilitate hands-on learning for staff.

Technical Expertise and Innovation:

  • Write and manage threat correlations, integrating intelligence data into monitoring and operations.
  • Evaluate and implement new tools to improve cyber defenses.
  • Research and address intrusion methods, tactics, and techniques used by advanced threat actors.

Collaboration and System Review:

  • Partner with cross-functional teams to design secure systems and applications.
  • Contribute to system upgrades and implement changes with a focus on security best practices.
  • Ensure compliance with industry standards and regulatory frameworks.

On-Call Availability:

  • Be available for rapid response during emergencies, supporting the 24/7 operations team during high-priority incidents.


Technical Skills and Tools:

  • Proficiency in tools such as Wireshark, Splunk, NMAP, EnCase, REMnux, Carbon Black, Proofpoint, VMware, FireEye, IPS/IDS, WAF, and SIEM platforms.
  • Advanced understanding of the OSI model, TCP/IP protocol stack, and network configurations.
  • Expertise in Microsoft Windows and Linux operating systems, virtualization, and cloud security.
  • Knowledge of cyber threats, malware analysis, APTs, and TTPs used by threat actors.
  • Strong ability to analyze network traffic, triage malware, and assess vulnerabilities.


Certifications and Training (Required or Preferred):

Certifications: CISSP, CISM, CISA, CEH, GIAC/GSEC, GCED, GCIH, GCFA, CHFI, CCNA (Security), or related.

Training:

  • SANS FOR408: Windows Forensic Analysis.
  • SANS SEC502: Network Perimeter Protection.
  • SANS SEC503: Intrusion Detection In-Depth.
  • SANS SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling.


Qualifications:

Required:

  • Bachelor’s degree in Information Systems, Computer Science, or related field.
  • 15+ years of cybersecurity experience, including:
      • 10+ years in cybersecurity operations.
      • 5+ years of hands-on experience in SIEM and incident response.
      • 3+ years in network intrusion detection.
  • Proven track record in cyber incident management, response, and reporting.
  • Experience with log management, vulnerability management, and event monitoring tools.

Preferred:

  • Knowledge of compliance standards such as ISO/IEC 27001, PCI-DSS, NIST 800-53, and SOC 1 & 2.
  • Experience delivering scalable technology solutions to support rapid business growth.
  • Advanced knowledge of risk management, data privacy, and business continuity planning.


Why Join Us?

This role offers the opportunity to lead cutting-edge cybersecurity operations in a fast-paced, high-stakes environment. As a Cybersecurity Engineer, you will safeguard critical systems, mentor top talent, and shape the future of the organization’s cybersecurity strategy. If you are a dynamic, innovative, and experienced professional passionate about defending against cyber threats, this is your chance to make a significant impact.



Employment Type: Direct Hire


Workplace Type: Remote


Compensation: $110-130k


Benefit offerings include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, commuter benefits and 401K plan. Our program provides employees the flexibility to choose the type of coverage that meets their individual needs. Available paid leave may include Paid Sick Leave, where required by law; any other paid leave required by Federal, State, or local law; and Holiday pay upon meeting eligibility criteria.


*Please, no C2C applicants.*