Blue Team Engineer - Fortalice Solutions United States Bookmark Share Print 186 0 11

Listing Description

Cyber Security Engineer, Blue Team

Core Focus:

The Cyber Security Engineer, Blue Team will configure, implement, and optimize new cybersecurity capabilities as vulnerability management systems, firewalls, intrusion detection systems, or log management infrastructure.

Summary of Responsibilities:

□ Perform risk analysis of vulnerabilities and threats, and evaluate efficiency of existing detection mechanisms, analytics, and mitigations

□ Consult and provide risk management recommendations, cost analysis based on environment

□ Monitor and respond to security alerts across a vast array of security operations areas, and perform network vulnerability and compliance scanning

□ Build blue team defenses to detect and block the opponent

□ Maintain awareness of new and emerging cyber-attack threats

□ Develop and design technical recommendations, and execute remediation and mitigation

strategies

□ Work with Application Development to create a standard for all in host applications, to log

directly to Splunk

□ Design and maintain network architecture, create segmentation analysis, and responsible for networking concepts such as VLANs, routing, and encrypted tunnels

□ Conduct Blue Team exercise and Computer Network Defense drills to evaluate and improve processes related to threat detection, incident response, patching and remediation

Qualifications & Required Experience:

□ BS in Computer Science, Computer Engineering, Information Technology or equivalent

experience required

□ Knowledge in one or more of the following areas: Penetration testing, Exploitation, Incident

Response (Hunt), Blue Teaming, Reverse Engineering

□ Expertise in application monitoring and event log management

□ Experience with administration of centralized logging tools and Event Management Systems (SIEMs)

□ Experience configuring Splunk software

□ In-depth experience in enterprise vulnerability and compliance scanning systems

□ Experience implementing centralized log aggregation and search frameworks such as Splunk, ELK etc.

□ Experience with Windows Desktop, Windows Server and Linux operating systems□ Windows server and workstation hardening through configuration

□ Experience with web gateways such as Forcepoint (Websense) or Bluecoat

□ Strong knowledge of advanced cyber threats and adversary methodologies