This role will be responsible for threat intelligence and alerts generated by our Cisco security toolset, as well as Office 365 security features, web-based security, email security and other security devices used for threat detection and hunting. The position requires a solid understanding of cyber security tools, techniques and procedures, and an ability to develop informed, threat-driven analysis of security events. This work will focus on monitoring security events and producing a more complete understanding of our threats.
Other activities may include researching new threats and cyber-related topics; performing discovery, detection and disruption activities; and developing reports on cyber-related information for management. Additionally, this role may include more traditional security operations aspects, including SSO, MFA, identity management, etc.
Duties and Responsibilities:
Operate and maintain on-premise and/or cloud-based security solutions
Review and analyze incoming alerts and cyber threat information for relevance to the security posture based on established business and intelligence requirements
Collaborate with IT and business stakeholders to understand and mitigate the security threats
Gather, contextualize, and convert alerts into security tasks that can be easily acted upon by appropriate staff
Develop and maintain appropriate documentation of security analysis and incident response functions
Use established workflows to process threat information (i.e., identify, highlight, document, and mitigate information security issues and risks)
Develop and maintain behavioral- and signature-based threat-driven use-cases
Deliver results that are consistent, within given time frames and well documented
Identify opportunities for and drive improvements of internal processes, procedures, and workflows
Perform accurate information security reporting on both a regular and an ad-hoc basis, primarily using existing features of the current security tools
Qualifications:
Bachelor's degree in an IT-related discipline
7+ years of experience in related field
Experience with Cisco security solutions, including CES, Umbrella, AnyConnect VPN and AMP. Cisco ASA and FTD firewall experience is a plus
Preferred certifications (e.g., GCDA, GCFA, CSA+, GMON, and CEH)
Demonstrated problem-solving and analytical skills, and a willingness to learn new technologies and development methodologies
Specific experience with SIEM/SIEM-like technologies. Rapid7 InsightIDR experience is a plus
Experience in evaluating, assessing, and contextualizing device and network vulnerabilities
Experience with the security features of the Office 365 environment (e.g., RMS)
Experience with Microsoft AD design and architecture
Familiarity with identity and access management solutions
Experience with basic data and network analysis tools (e.g., Wireshark)
Experience with NIST SP 800-171 or 800-53 controls is a plus
PowerShell scripting experience
Strong verbal and written communication skills and experience explaining technical concepts to business teams