Cyber Security Engineer
About the role:
A new and exciting opportunity has arisen for an Incident Response Cyber Security Engineer to work within an advanced Incident Response function, alongside a team of Cyber Security Engineering specialists, to help develop, maintain and improve the function's core technical capability.
Working with current, cutting-edge technology, the successful individual will work alongside the DevOps team, maintaining and developing the attack detection infrastructure so that the Incident Response specialists can perform at their best while uncovering new and emerging offensive and defensive techniques.
- Designing and supporting the implementation of new client deployments, deploying the necessary endpoint and network monitoring toolsets in the initial stages of an engagement.
- Designing, maintaining and optimising the Elasticsearch clusters.
- Maintaining and developing the infrastructure of the threat hunting function, allowing the specialists to operate at their maximum potential.
- Writing and deploying custom scripts and rules for Bro (now Zeek), Snort and log parsers.
- Continuously maintaining the attack detection application stacks, ensuring that they are fully functional, running the latest version and operating efficiently.
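As an illustration of the kind of custom detection scripting the role describes, the following Python example (added here; it is not part of the posting and not code from the employer) parses Bro/Zeek `conn.log` records using the `#fields` header and applies a simple port-sweep rule. The log lines are constructed sample data, and the threshold of five distinct destination ports and the choice to count only rejected/unanswered connections (`REJ`/`S0`) are assumptions chosen for the example.

```python
"""Parse Zeek (formerly Bro) conn.log records and flag sources that sweep many
destination ports. Example code for illustration; the sample log below is
constructed, not captured from a real sensor."""

from collections import defaultdict

# Constructed sample in Zeek's default TSV layout: the '#fields' line names the
# columns, every record uses that column order, and '-' marks an unset field.
SAMPLE_CONN_LOG = """#separator \\x09
#set_separator\t,
#empty_field\t(empty)
#unset_field\t-
#path\tconn
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice\tduration\torig_bytes\tresp_bytes\tconn_state
#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tstring\tinterval\tcount\tcount\tstring
1600000000.100000\tCAAAAA1\t10.0.0.5\t51000\t10.0.0.20\t22\ttcp\t-\t0.001\t0\t0\tREJ
1600000000.200000\tCAAAAA2\t10.0.0.5\t51001\t10.0.0.20\t23\ttcp\t-\t0.001\t0\t0\tREJ
1600000000.300000\tCAAAAA3\t10.0.0.5\t51002\t10.0.0.20\t80\ttcp\t-\t0.001\t0\t0\tREJ
1600000000.400000\tCAAAAA4\t10.0.0.5\t51003\t10.0.0.20\t443\ttcp\t-\t0.001\t0\t0\tREJ
1600000000.500000\tCAAAAA5\t10.0.0.5\t51004\t10.0.0.20\t3389\ttcp\t-\t0.001\t0\t0\tREJ
1600000000.600000\tCAAAAA6\t10.0.0.5\t51005\t10.0.0.20\t8080\ttcp\t-\t0.001\t0\t0\tREJ
1600000001.000000\tCAAAAA7\t10.0.0.9\t52000\t10.0.0.20\t443\ttcp\tssl\t2.5\t1200\t8800\tSF
1600000002.000000\tCAAAAA8\t10.0.0.9\t52001\t10.0.0.21\t443\ttcp\tssl\t1.1\t900\t4100\tSF
#close\t2020-09-13-12-00-05
"""


def parse_conn_log(text):
    """Return conn.log records as dicts keyed by the names in the '#fields' header.

    Column names are taken from the header rather than hard-coded, so the parser
    keeps working when a deployment adds or reorders columns.
    """
    fields = None
    records = []
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#"):
            if line.startswith("#fields\t"):
                fields = line.split("\t")[1:]
            continue  # other '#' lines are metadata (separator, types, close)
        if fields is None:
            raise ValueError("record seen before '#fields' header")
        values = line.split("\t")
        if len(values) != len(fields):
            raise ValueError(
                "column count %d does not match header %d" % (len(values), len(fields))
            )
        rec = dict(zip(fields, values))
        rec["id.orig_p"] = int(rec["id.orig_p"])
        rec["id.resp_p"] = int(rec["id.resp_p"])
        records.append(rec)
    return records


def detect_port_sweeps(records, min_ports=5, rejected_only=True):
    """Flag (orig_h, resp_h) pairs where one source touched at least `min_ports`
    distinct destination ports.

    With `rejected_only`, only REJ (reset) and S0 (no reply) connections count,
    which separates probing from a legitimate client that uses several services.
    Both parameters are assumed values for this example, not tuned thresholds.
    """
    ports = defaultdict(set)
    for rec in records:
        if rejected_only and rec["conn_state"] not in ("REJ", "S0"):
            continue
        ports[(rec["id.orig_h"], rec["id.resp_h"])].add(rec["id.resp_p"])
    return {pair: sorted(p) for pair, p in ports.items() if len(p) >= min_ports}


if __name__ == "__main__":
    for (src, dst), swept in detect_port_sweeps(parse_conn_log(SAMPLE_CONN_LOG)).items():
        print("port sweep: %s -> %s ports %s" % (src, dst, swept))
```

In a deployment this would read `conn.log` from the Zeek log directory (or the JSON variant, if the sensor is configured for it) and emit alerts into the log analysis stack; the threshold and the time window a real rule would apply are the parts to tune per client.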
Key Skills & Requirements:
- Strong knowledge of IDS principles, their purpose, and how they work.
- Extensive experience with Linux.
- Previous experience working within a cyber security function, maintaining and developing attack detection infrastructure or platforms.
- Coding skills with Python.
- Previous experience with a range of security toolsets and services covering:
  - Packet capture solutions (Wireshark, tcpdump, NetWitness, etc.)
  - Endpoint monitoring solutions (Carbon Black, Falcon, etc.)
  - Digital forensics (EnCase, X-Ways, etc.)
  - IDS solutions (Firepower, Suricata, etc.)
  - Log analysis frameworks (ELK, Splunk, LogRhythm, etc.)
- Experience with Red Hat/CentOS.
- Able to design and implement enterprise security controls.