Cyber Security Incident Response Engineer

Job Summary

As a key member of SAFRAN USA IT Security team, the Cyber Security incident Response Engineer will work on the 'front lines' of SAFRAN US datacenter and Cloud environment, managing security vendors and Security Solutions that protects US regulated infrastructure and customers' data from the latest information security threats. The Cyber Security incident response engineer is responsible for security operations, including real-time analysis of security alert data and leading the response to potential security incidents. The Cyber Security Incident Response Engineer will also work on compliance projects, improvements to detection, and incident response capabilities. We have a strong team environment where knowledge sharing is encouraged.

Summary of Duties
• Triage incident handling support for incident detection, analysis, coordination, and response
• This team member will work with firewalls, intrusion protection, web proxy, antivirus, SIEM, vulnerability scanning and other key threat countermeasures.
• Research and analyze data sources to provide insight into new trends to customer environment collaborating with other members of the SOC
• Troubleshoot problems with customer policies and controls
• Performing on-demand vulnerability scanning and compliance monitoring to ensure agency security standards are met
• Identification of network and operating systems vulnerabilities and recommending countermeasures
• Supports the deployment and integration of security tools
• Analyze and recommend solution of information security problems based on knowledge of the major information security products and services
• Strong interpersonal and communication skills with the ability to lead and work as part of a team

• This position requires use of information or access to hardware, which is subject to the International Traffic in Arms Regulations (ITAR). All applicants must be U.S. persons within the meaning of ITAR. ITAR defines a U.S. person as a U.S. Citizen, U.S. Permanent Resident (i.e. ''Green Card Holder''), Political Asylee, or Refugee

Qualifications:

• 5+ years of experience in Cybersecurity incident handling and experience in Security Operation Center in Federal government environments
• Familiarity with FEDRAMP mandates surrounding Cloud Information Security
• Deep understanding of NIST Special Publications, specifically 800-61, 800-37, 800-53, 800-137, 800-171 and 800-172
• Knowledge of security policy and technical standard development, secure infrastructure design reviews, multi-tiered trust zone structures, and complex networking through multiple level network security structures
• Familiarity with common SOC tools - SIEM, Tenable, Palo Alto, forcepoint, WAF, NIPS etc.
• Excellent oral and written communication skills
• Familiarity with hardening techniques for a wide range of Microsoft operating systems, databases, and software suites, including: Windows Server, Windows Desktop, Microsoft SQL Server, Microsoft SharePoint
• Bachelor's degree in Information Systems, related discipline or equivalent experience
• CISM, CISSP-ISSMP, GCIH or similar industry certification preferred