Enkompas
Sr Cyber Security Engineer (Must be a US Citizen)
Enkompas, Pittsburgh, Pennsylvania, us, 15289
Sr Cyber Security Engineer (Must be a US Citizen)
Contract (Three months)
Location Pittsburgh (hybrid)
Payrate (Commensurate with experience level)
The Cyber Detection and Response Engineering role for our client will be responsible for developing and maintaining new threat detection capabilities, triaging and tuning security events and incidents, and leading security investigations and incident response efforts. The primary focus of this role will be on securing Stack's infrastructure, data, and users across private cloud, public cloud, SaaS, on-prem, and remote user environments.
What Success Looks Like:
Experience working with and managing Security Information and Event Management (SIEM) tools such as Splunk, Sumo Logic, Arcsight, etc.Experience deploying, managing, and utilizing Endpoint Detection and Response (EDR) tools such as Crowdstrike, Sentinel One, Carbon Black, etc.Thorough understanding of Macos, Linux, and Windows hardening and security best practices.Experience creating threat and DLP signatures for network, endpoint, email, and cloud/SaaS security solutions to identify potential attacks, exploits, or data exfiltration attempts.Extensive experience developing and automating incident response policies.Deliver complex projects, including coordinating and driving issues to resolution utilizing excellent technical troubleshooting skills.Work with our client's highly technical software and hardware engineering teams to understand their goals, and deploy tools and solutions to get the data accessible to them for development.Experience with troubleshooting complex issues and providing detailed root cause analysis.A drive to learn and work with industry leading technologies.An understanding of network orchestration and automation with Python, Ansible, and Terraform.Experience working with Security Access Service Edge (SASE) solutions such as Zscaler, Prisma Access, Netskope, etc.Thorough understanding of email security and best practices. Experience working with Secure Email Gateways (SEGs), Mail Transfer Agents (MTAs), and end user training solutions like Knowbe4 is highly desirable.Experience with both traditional DLP and Cloud Access Security Broker (CASB) solutions, especially developing data classification policies, signature detection, and response runbooks.Extensive experience with network security tooling and practices such as layer 7 firewalls and Unified Threat Management (UTM) solutions, Intrusion Detection and Prevention Systems (IDS/IPS), malware sandboxing, Network Detection and Response (NDR) solutions, netflow and telemetry aggregation, systems, micro segmentation, web application firewalls (WAFs), load balancers, network taps, DNS security solutions, etc.Thorough knowledge of Public Key Infrastructure (PKI), certificate lifecycle management, 802.1x implementation, mTLS, etc.Experience with Google Workspace, especially developing Trust Rules to secure and control sensitive data and enhancing DLP capabilities.
Contract (Three months)
Location Pittsburgh (hybrid)
Payrate (Commensurate with experience level)
The Cyber Detection and Response Engineering role for our client will be responsible for developing and maintaining new threat detection capabilities, triaging and tuning security events and incidents, and leading security investigations and incident response efforts. The primary focus of this role will be on securing Stack's infrastructure, data, and users across private cloud, public cloud, SaaS, on-prem, and remote user environments.
What Success Looks Like:
Experience working with and managing Security Information and Event Management (SIEM) tools such as Splunk, Sumo Logic, Arcsight, etc.Experience deploying, managing, and utilizing Endpoint Detection and Response (EDR) tools such as Crowdstrike, Sentinel One, Carbon Black, etc.Thorough understanding of Macos, Linux, and Windows hardening and security best practices.Experience creating threat and DLP signatures for network, endpoint, email, and cloud/SaaS security solutions to identify potential attacks, exploits, or data exfiltration attempts.Extensive experience developing and automating incident response policies.Deliver complex projects, including coordinating and driving issues to resolution utilizing excellent technical troubleshooting skills.Work with our client's highly technical software and hardware engineering teams to understand their goals, and deploy tools and solutions to get the data accessible to them for development.Experience with troubleshooting complex issues and providing detailed root cause analysis.A drive to learn and work with industry leading technologies.An understanding of network orchestration and automation with Python, Ansible, and Terraform.Experience working with Security Access Service Edge (SASE) solutions such as Zscaler, Prisma Access, Netskope, etc.Thorough understanding of email security and best practices. Experience working with Secure Email Gateways (SEGs), Mail Transfer Agents (MTAs), and end user training solutions like Knowbe4 is highly desirable.Experience with both traditional DLP and Cloud Access Security Broker (CASB) solutions, especially developing data classification policies, signature detection, and response runbooks.Extensive experience with network security tooling and practices such as layer 7 firewalls and Unified Threat Management (UTM) solutions, Intrusion Detection and Prevention Systems (IDS/IPS), malware sandboxing, Network Detection and Response (NDR) solutions, netflow and telemetry aggregation, systems, micro segmentation, web application firewalls (WAFs), load balancers, network taps, DNS security solutions, etc.Thorough knowledge of Public Key Infrastructure (PKI), certificate lifecycle management, 802.1x implementation, mTLS, etc.Experience with Google Workspace, especially developing Trust Rules to secure and control sensitive data and enhancing DLP capabilities.