Cybersecurity Engineer

Job Overview

We seek a hands-on Cybersecurity Engineer with proven experience deploying and operationalizing enterprise security solutions. You will implement EDR, NDR, SIEM, CSPM, IAM, and PAM technologies for commercial/government clients while ensuring alignment with MITRE ATT&CK and compliance frameworks (NIST, ISO 27001, IM8). This role requires deep technical execution skills and solution integration expertise.

Core Responsibilities

Solution Deployment & Integration:

a) Endpoint: Deploy/manage CrowdStrike/SentinelOne (policy tuning, threat hunting packages)

b) NDR: Implement Darktrace/Vectra NDR with network segmentation enforcement

c) SIEM: Architect Splunk/Sumo Logic deployments (on-prem/cloud) with SOAR playbooks

d) Cloud Security: Configure CSPM (Wiz, Lacework), CNAPP (Prisma Cloud), and IaC scanning

e) IAM/PAM: Rollout CyberArk/Okta/PingIdentity (privileged session monitoring, RBAC workflows)

Technical Optimization:

a) Develop detection rules (Sigma, YARA) for APT groups targeting SEA Integrate solutions into CI/CD pipelines (Jenkins, GitLab)

b) Conduct solution hardening using CIS benchmarks

Client Delivery & Handover:

a) Lead, Develop, Conduct UAT & SSAT for assigned projects

b) Create operational runbooks, Design Documents, Configuration guide

c) Train client staff on solution management

Technical Requirements:

Solution Deployment Experience

a) EDR/XDR: CrowdStrike, SentinelOne, Microsoft Defender or equivalent

b) NDR: Darktrace, Vectra, ExtraHop or equivalent

c) SIEM/SOAR: Splunk ES, QRadar, Chronicle, Torq - Use case development, SOAR playbook automation

d) Cloud Security: Wiz, Prisma Cloud, AWS Security Hub - CSPM policy packs, cloud asset inventory

e) IAM/PAM: CyberArk, Okta, Azure AD PIM - Privileged access workflows, RBAC policy enforcement

Technical Competencies:

a) Scripting: Python/PowerShell for API integrations (e.g., SIEM-EDR correlation)

b) Networking: TCP/IP stack, Zero Trust segmentation (Zscaler, Illumio)

c) Cloud Platforms: AWS IAM, Azure Sentinel, GCP Security Command Center

d) Compliance: Implement controls for NIST 800-53, ISO 27001, IM8

Certifications:

Required: CISSP, vendor certs (e.g., CrowdStrike CCSF, Splunk Power User)

Cloud: AWS Security Specialty/Azure SC-200

IAM: CyberArk Defender/Okta Certified Professional

Experience & Qualification Requirements:

a) Bachelor’s degree in IT, Cyber Security or equivalent

b) 5+ years deploying cybersecurity solutions:

c) EDR/NDR: 3+ enterprise deployments (500+ endpoints)

d) SIEM: 2+ full lifecycle implementations

e) Cloud Security: CSPM/IAM rollout for AWS/Azure/GCP

f) PAM: CyberArk/Thycotic deployment with vaulting solutions

g) Govt project exposure (IM8, CSA Cyber Essentials) preferred

h) Excellent communication and interpersonal skills.

i) Ability to work independently and within a team