Do you enjoy cybersecurity, DevSecOps, writing scripts, developing code, and automating the cool stuff? If so, the security operations team is looking for a Sr Cybersecurity Engineer. The team leverages purple team principles and consists of penetration testers, offensive engineers, cloud security engineers, detection engineers, and incident response engineers. Collaboratively, we identify, protect, monitor, detect and respond to sophisticated cybersecurity threats.
Works as a subject matter expert and advisor to all information technology teams on cloud security, security orchestration & automation, and endpoint security.
Essential Duties and Responsibilities:
Builds complex automation scripts, tools or methodologies with minimal guidance that enhance threat detection and incident response capabilities.
Leads the building of tools and automation that enables operational efficiency for security services defined by the information security program using Shell Scripting, Python and Windows PowerShell.
Develops and deploys hardening configurations, automates security operations and day to day operations utilizing DevSecOps tools such as Ansible, Puppet and other automation platforms.
Identifies threats and adversaries by applying logic to logs and security telemetry to identify false positives, classify confirmed threats, and deliver an event timeline.
Independently builds automation projects against cybersecurity product APIs leveraging Python or PowerShell on a wide array of cybersecurity solutions for Amazon AWS and Microsoft Azure technologies.
Provides technical leadership and mentoring for more junior engineers in developing automation projects while maintaining up-to-the-minute understanding of cybersecurity best practices.
Independently designs and develops defensive controls across defensive platforms, for example SIEM, EDR, SOAR, DLP and cloud.
Develops and applies detection and response concepts in cloud environments (Amazon AWS and Microsoft Azure) for the most complex of NRECA projects.
Direct Reports to this Position:
Formal Education Required:
Bachelor's Degree in Computer Science, Information Systems, Systems and Technology, Business Administration, or related field. Master's degree preferred.
Experience and Certifications Required:
8+ years' progressive experience in 1 of the following areas: cybersecurity, cloud security, DevSecOps and automation as well as solid experience working in IT environments.
Experience with Linux/Unix and Windows systems, in shell scripting or automation of tasks using Perl, Python, or PowerShell, Ansible, Puppet, Chef, Salt, AWS GuardDuty, AWS Config, AWS Lambda, AWS ECS, AWS EKS, Azure Defender, and Azure Sentinel. Experience in using REST APIs to integrate disparate security technologies.
Technical certification such as: Security+, PenTest+, Amazon AWS Certifications and/or Microsoft Azure certifications preferred.
FLSA Status: Exempt
Knowledge, Skills and Abilities Required (as demonstrated by prior work experience):
Knowledge of tactics, techniques, and procedures used by internal and external threat actors and the ability to automate remediations.
Knowledge of vulnerability management and scanning best practices such as the CVE database and the CVSS system used for scoring vulnerabilities.
Knowledge of network and application security principles such as OWASP Testing Guidelines, OWASP Application Security knowledge framework and ATT&CK framework.
Ability to implement realistic adversary emulation plans to bolster breach prevention and detection.
Ability to develop custom tools and plugins for existing tools to fine-tune your red and purple teaming activities.
Ability to communicate, both verbally and in writing, with a diverse membership, employees and/or vendors in a clear and precise manner.
Ability to provide service excellence by building relationships, being resourceful, responsive and respectful.
Essential Physical Requirements:
The worker is required to have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal and extensive reading.
Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force frequently, and/or a negligible amount of force constantly to move objects. If the use of arm and/or leg controls requires exertion of forces greater than that for sedentary work and the worker sits most of the time, the job is rated for light work.
This position requires full COVID-19 vaccination.
The preceding job description has been written to reflect management's assignment of essential functions. It does not prescribe or restrict the tasks that may be assigned. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.
NRECA is committed to working with and providing reasonable accommodation to individuals with physical and mental disabilities. If you need special assistance or an accommodation while seeking employment, please e-mail firstname.lastname@example.org or call: 703-907-5992 - NRECA Arlington Human Resources. Please call 402-483-9275 - NRECA Lincoln Human Resources, for Lincoln, NE employment opportunities. We will make a determination on your request for reasonable accommodation on a case-by-case basis.
EEO is the Law. The law requires NRECA to post a notice describing the Federal laws prohibiting job discrimination. For information regarding your legal rights and protections, please click on the following link: EEO is the Law and EEO is the Law Supplement.
Pay Transparency Non-Discrimination. NRECA will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay. Please see the Pay Transparency Nondiscrimination Provision for more information.
E-Verify. As a Federal Contractor, NRECA is required to participate in the E-Verify Program to confirm eligibility to work in the United States. For information please click on the following link: E-Verify.