Cyber Security – Project Engineer

Cyber Advisors is seeking a cybersecurity professional with solid IT and security knowledge to extend the existing capabilities of the cybersecurity team.

Apply Now

Cyber Advisors is seeking a cybersecurity professional with solid IT and security knowledge to extend the existing capabilities of the cybersecurity team. The Project Engineer – Security role is a senior-level consulting position within the Cyber Advisors Project team. This post-sales position is customer-facing and consists of the delivery of security-related projects, as well as providing consulting for security-specific services such as penetration testing and incident response.

This role requires a strong technical skill set, as well as business acumen and interpersonal skills. Being able to break down highly technical security concepts to non-technical users is critical to client success. Solving difficult problems and identifying risk is a daily function for this role.

Benefits Include:

  • Highly competitive pay based on experience
  • Great opportunities for career advancement
  • Cyber Advisors fully pays Medical and Dental plan for employee
  • 401k with employer matching
  • Disability and Life Insurance
  • Bonuses eligible
  • Vacation and paid time off
  • Working with dynamic clients and the latest coolest technology

If you are a hard-working, easy-going and experienced individual with a strong work ethic, we’d love to talk to you.

Must be able to pass a criminal background check and drug screen.

Primary Job Focus:

The primary job focus for the Project Engineer – Security role is to assess, design, and implement a full stack of cybersecurity solutions for clients for enhanced risk mitigation. These services will include projects within the following areas:

  • Vulnerability scanning and risk assessment
  • Penetration testing of internal/external networks, cloud and web services
  • Security assessment of firewall and identify management solutions
  • Vulnerability management solution design and deployment
  • Remediation design and deployment of security-related solutions
  • Incident response for MSSP and external clients
  • Physical security review and exploitability testing
  • Endpoint security review and recommendations
  • Social engineering exercises
  • Educational presentations on security subject matter

Technical Skills:

  • Experience with vulnerability assessment and vulnerability management toolsets.
  • Strong capabilities with current penetration techniques, tools and methodology.
  • Experience with social engineering through various strategies and solutions.
  • Through understanding of identity management including AAA, AD/ADFS, MFA, SSO, RADIUS.
  • Direct experience with anti-virus software, intrusion detection/prevention systems, firewalls, VPN, NAC, WAF and content filtering.
  • Experience with incident response including design, policies, tools, forensic review and reporting.
  • Knowledge of risk assessment tools, technologies, and methods.
  • Experience designing secure networks, systems, and application architectures.
  • Understanding of endpoint security solutions to include File Integrity
  • Monitoring (FIM) and Data Loss Prevention (DLP).
  • Experience planning, researching, and developing cybersecurity policies, standards, and procedures.
  • Knowledge of scripting languages such as Python and PowerShell a plus.
  • Professional experience in a system administration role supporting multiple platforms and applications.
  • Knowledge of compliance requirements, including HIPAA, PCI-DSS, SOX, GDPR, and SOC (Types I and II).
  • Ability to communicate network security issues to peers and management.
  • Ability to read and use the results of mobile code, malicious code, and anti-virus software.
  • Familiarity with the following cybersecurity products and technologies:
    o Kali Linux
    o Nessus/OpenVAS
    o Burb Suite Pro
    o EnCase/Magnet forensic toolsets
    o SIEM tools
    o MFA toolsets
    o Security Onion
    o KnowBe4

Qualifications:

  • Dedication to customer satisfaction and getting it right the first time.
  • Demonstrate ability to explain complex technical concepts to a non-technical audience.
  • Strong trouble-shooting skills across a broad and diverse population and environment.
  • Demonstrate ability to proactively look for process improvement opportunities, challenge conventional practices, and adopt new methods and best practices. Also focused on continuous self-improvement.
  • Demonstrate verbal and written communication skills; ability to communicate with all levels of the organization, clearly and concisely present issues, alternatives, and recommendation(s).
  • Strong technical documentation skills, ability to clearly record key information within ticketing and knowledge base systems.
  • Appreciation of internal customer business, goals and objectives, strategies, and needs.
  • Demonstrate ability to manage and prioritize multiple tasks, aggressive targets and deadlines.
  • Demonstrate understanding of priorities and effective work procedures, self-manage work time and prioritize multiple tasks and problems.

Education and Certifications:

The successful candidate will hold:

  • Bachelor of Science in Information Technology, Computer Science, Cyber Security or an equivalent level of work experience.
  • 8+ years of successively more responsible experience as a consulting engineer.
    Security-focused certifications such as:

    • OSCP
    • CEH
    • GESC/GPEN
    • CISM
    • CISSP
    • CASP
    • CISA

Working Conditions and Physical Effort:

  • Being responsive to company/project emergencies and availability after-hours is part of this position. Some out-of-state travel might also be required.
  • Experience on usage of monitoring tools such as Nagios, Splunk, etc.
  • Familiarity with hypervisor platforms including Microsoft Hyper-V and VMWare ESX.
  • Experience with the Microsoft Windows 2008 -2019 Server platform, Active Directory design and security.
  • Exposure to eDiscovery with e-mail systems including Exchange 2007-2019, Office 365 and G Suite.
  • Experience with cloud platforms such as Azure, AWS, Google, etc. is ideal.
  • Understanding of mobile devices and how they interact with the network is a plus.
  • Network routing and switching experience is a plus.
  • Clean background for sensitive security operations.