International Executive Service Corps

Security Engineer

International Executive Service Corps, Alpharetta, Georgia, United States, 30239


**MUST BE LOCATED IN THE U.S. IN OR NEAR THE ALPHARETTA, GA AREA**

Security is tough. Trying to get users to do the right thing, trying to get software developers to write better code, trying to explain for the thirty-eighth time that the control the auditors want you to implement isn’t supported in the application you’re using are all run-of-the-mill obstacles. And that’s just Monday morning, before you’ve been able to sit down and review your IDS and SIEM alerts, do forensics on a couple of PCs you’re curious about, or review the outbound firewall policies you meant to get to last week. At Sierra-Cedar, we’ve got some difficult challenges and need your help to solve them. We’re looking for someone who not only embraces those challenges but has the tenacity and finesse to pull it off spectacularly. Think you’re good with security now? We’ll challenge you to be better. If that statement makes your heart beat a little faster, then yes, you’re fit to be one of us.

Candidate must be located in or near the Alpharetta, GA area. This is a full-time position, with requirements to be in the Alpharetta, GA office a few times per week.

POSITION OVERVIEW

This role is responsible for monitoring, investigating, and responding to security alerts while maintaining and enhancing the security infrastructure. The successful candidate will serve as both a frontline security analyst and a technical security engineer, ensuring comprehensive protection of our organization's digital assets.

Note: This role requires the ability to work in a fast-paced, 24/7 security operations environment and may include on-call responsibilities as needed.

QUALIFICATIONS

REQUIRED EXPERIENCE & SKILLS

Education: Bachelor's degree or higher is required

SOC Experience: Minimum 2+ years of hands-on experience in a Security Operations Center (SOC) environment with daily incident response and alert investigation

Technical Foundation: Strong expertise in operating systems (Windows, Linux, macOS), networking protocols, applications, and core information security principles

Security Architecture: Demonstrated experience with security system design, implementation, and maintenance

Communication: Ability to effectively communicate complex technical concepts to both technical and non-technical stakeholders, including executive leadership

Scripting Proficiency: 2+ years of experience in at least one of the following: PowerShell, Python, Bash, or other shell scripting languages

Work Authorization: Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

Location: Must already be living in the United States

REQUIRED TECHNICAL EXPERTISE

Experience with the following security technologies and platforms:

Detection & Response

Security Information and Event Management (SIEM) platforms (Splunk, QRadar, Sentinel, etc.)

Security Orchestration, Automation, and Response (SOAR) platforms

Endpoint Detection and Response (EDR) solutions

Network Detection and Response (NDR) tools

Network Security

Next-Generation Firewalls (NGFW) and Web Application Firewalls (WAF)

Intrusion Detection/Prevention Systems (IDS/IPS)

Network monitoring and analysis tools (Wireshark, tcpdump)

DNS security and monitoring solutions

Threat Intelligence & Analysis

Threat intelligence platforms and feeds

Malware analysis tools and sandboxing environments

Digital forensics and incident response (DFIR) methodologies

Vulnerability assessment and management tools

Cloud Security

(Preferred) Cloud security monitoring (AWS CloudTrail, Azure Security Center, etc.)

Container security and monitoring

Identity and Access Management (IAM) systems

POSITION RESPONSIBILITIES

SECURITY OPERATIONS

Incident Response: Lead comprehensive investigations of security incidents using established procedures, forensic methodologies, and threat hunting techniques

Alert Triage: Monitor, analyze, and respond to security alerts from multiple sources, determining severity and appropriate response actions

Threat Hunting: Proactively search for indicators of compromise and advanced persistent threats across the environment

Documentation: Maintain detailed incident reports, playbooks, and post-incident analysis documentation

SECURITY ENGINEERING

Technology Management: Deploy, configure, and maintain security technologies including SIEM, EDR, firewalls, and other defensive tools

Automation Development: Design and implement automated workflows to improve detection capabilities and response efficiency

Integration Projects: Lead implementation of new security technologies and integrate them with the existing security stack

Performance Optimization: Continuously tune and optimize security tools to reduce false positives and improve detection accuracy

ANALYSIS & INTELLIGENCE

Log Analysis: Conduct deep-dive analysis of security logs, network traffic, and system events to identify threats and anomalies

Threat Intelligence: Research emerging threats, vulnerabilities, and attack techniques to enhance organizational defenses

Risk Assessment: Evaluate security risks and provide recommendations for mitigation strategies

GENERAL RESPONSIBILITIES

LEADERSHIP & COLLABORATION

Project Management: Effectively manage multiple security projects, resources, and timelines with minimal oversight

Team Leadership: Mentor junior analysts and provide technical guidance to cross-functional teams

Stakeholder Engagement: Collaborate with IT, compliance, and business teams to align security initiatives with organizational goals

STRATEGIC THINKING

Systems Architecture: Apply holistic thinking to understand how security solutions integrate with existing infrastructure and business processes

Innovation: Identify opportunities to improve security posture through new technologies and methodologies

Vendor Management: Participate in technology evaluations, vendor briefings, and procurement processes

PROFESSIONAL EXCELLENCE

Continuous Learning: Stay current with cybersecurity trends, the threat landscape, and emerging technologies

Quality Focus: Demonstrate attention to detail and commitment to operational excellence

Decision Making: Exercise sound judgment in high-pressure situations and provide clear rationale for security decisions

Communication: Present complex security information clearly to diverse audiences, from technical staff to executive leadership

ADMINISTRATIVE EXCELLENCE

Process Adherence: Follow established policies, procedures, and compliance requirements

Documentation: Maintain accurate and comprehensive documentation of security operations and procedures

Reporting: Provide regular status updates and metrics to management on security operations performance

PREFERRED QUALIFICATIONS

PROFESSIONAL EXPERIENCE

Endpoint Forensics: Experience in endpoint forensics and incident investigation roles

High Availability Environments: Experience operating in datacenter, service provider, AWS, or similar high availability environments

Advanced Scripting: 3+ years of experience with automation and advanced scripting techniques

TECHNICAL SKILLS

Splunk Experience: Hands-on experience with Splunk (a plus but not required)

Cloud Platforms: Advanced experience with cloud security (AWS, Azure)

DevSecOps: Knowledge of DevSecOps practices and CI/CD pipeline security

CERTIFICATIONS & PROFESSIONAL DEVELOPMENT

Security Certifications: At least one information security certification from recognized organizations such as:

ISACA (CISA, CISM, CRISC)

GIAC (GCIH, GCFA, GSEC, GNFA, GREM)

OpenText (EnCase certifications)

ISC2 (CISSP, CCSP, SSCP)

CompTIA (Security+, CySA+, CASP+)

Industry Affiliations: Active membership or participation in professional organizations such as:

Information Systems Security Association (ISSA)

Data Security Council of India (DSCI)

InfraGard

GIAC Advisory Board

Local cybersecurity meetups and professional groups

COMPLIANCE & FRAMEWORKS

Regulatory Knowledge: Experience with compliance frameworks (SOX, PCI-DSS, NIST Cybersecurity Framework, ISO 27001/27002)

Risk Management: Understanding of enterprise risk management principles and practices

ABOUT SIERRA-CEDAR

Sierra-Cedar is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other legally protected basis, in accordance with applicable law.
