Job Title
EIC Information Security Operations Engineer Intern
Job Description Summary
Cushman & Wakefield is a global commercial real estate services leader with 52,000 professionals worldwide, we will never settle for the world that’s been built, but relentlessly drive it forward for our clients, colleagues and communities. Here you have the opportunity to learn new skills, apply your expertise, explore local and global challenges, and solve complex technology issues with creative solutions and diverse teams. #BetterNeverSettles Selected Candidate works within the Security Operations Center to improve, tune, and enhance security alerts, responses, and remediation of detected issues The engineer will also work within the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and incident response capabilities. As part of the Global Security Operations Center team, he/she should be responsible for improving security operations and monitoring security events in EDR, permitter scanning, threat detection, preventative advanced threat hunting, across all security tools.
Job Description
Roles & Responsibilities:
Serves as the regional point of contact for security escalations/requests and escalates requests to Security architecture as needed.
Responsible for the identification and assessment of enterprise risks. Identifies, evaluates, and tests appropriate security products, tools, and systems to ensure alignment with the CushWake global security posture
Articulates security policies, guidelines and standards to customers and developers. Able to apply theories, concepts, principles, and methodologies to difficult but conventional assignments. Assignments are given in terms of objectives to be met.
Works independently within an established framework.
Develop techniques and procedures for conducting IS and cyber security risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents.
Implement IS and cyber security policies and take measures against intrusion, frauds, attacks, or leaks.
Continue to build knowledge of the organization, processes, and customers. Performs a range of straightforward assignments. Use prescribed guidelines or policies to analyze and resolve problems. Receives a moderate level of guidance and direction
Partners with Security Architecture on critical scope delivery
Reviews security INC(s) to ensure proper processes have been followed and to identify additional IoA(s)/IoC(s).
Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network to identify malicious activity, abnormal behaviors, and emerging attacker techniques.
Serves as the security stakeholder for IR/MIM activities until Security Architecture and/or senior leadership can engage.
Desired Technical Skillset:
Experience responding to security incidents in enterprise environments, with a deep understanding of the Incident Response cycle.
Deep understanding of Cybersecurity concept, principles, and best practices
Knowledge of Security framework and standards (eg NIST)
Comprehensive understanding of technical architectures including networking, application and system architecture, web technology, and common internet and ICS protocols
Knowledge of Windows and MAC operating Systems and their security features
Understanding compliance requirements
Experience with administrating or architecting solutions in
Zscaler
CrowdStrike
Mimecast
Wiz
MS Defender
Emphasis on Identity, setting up and analyzing Conditional Access Policies
Experienced operating as an administrator across security platforms and executing changes per the Security Architecture groups design.
Direct long-term tracking and analysis of Advanced Persistent Threat (APT) actors, including TTPs, infrastructure, and campaign evolution, to inform risk models and defense strategies.
Guide the implementation of threat hunting methodologies using SIEM, EDR and advanced telemetry to surface adversarial tactics, techniques, and procedures across the enterprise.
Sponsor and oversee the use of statistical, spatial, and qualitative threat modeling
Expert level understanding of standard risk classification schemes including CVSS
Strong organization skills and effective communication on risk with experience presenting to an executive audience
Mastery of cybersecurity core concepts & terminology, including the vulnerability management lifecycle, typical risks and risk management approaches, customer expectations and behavior
Composure and clear thinking during high pressure situations
Capable of performing technical and business risk analysis on cybersecurity issues.
Abilities to analyze problems, ask questions, and come up with potential solutions within the confines of our security standards
Ability to work in multiple areas but track through issue resolution.
Qualifications:
Junior or Senior pursuing a Bachelor’s or Master’s degree in Computer Science, Engineering, Information Systems, Cybersecurity, or a related degree.
Experience in security domain with exposure to tools such as CrowdStrike, ZScaler, Palo Alto, Mimecast, MS Defender is a plus.
Highly skilled and knowledgeable within the Microsoft environment and toolset.
Energetic and a quick learner
Good communication skills with a positive attitude.
A willingness to learn new technology.
Experienced in incident response lifecycle and SLAs.
Any Security Certification is an added advantage.
Cushman & Wakefield also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health, vision, and dental insurance, flexible spending accounts, health savings accounts, retirement savings plans, life, and disability insurance programs, and paid and unpaid time away from work. In addition to a comprehensive benefits package, Cushman and Wakefield provide eligible employees with competitive pay, which may vary depending on eligibility factors such as geographic location, date of hire, total hours worked, job type, business line, and applicability of collective bargaining agreements.
The compensation that will be offered to the successful candidate will depend on factors such as whether the position is covered by a collective bargaining agreement, the geographic area in which the work will be performed, market pay rates in that area, and the candidate’s experience and qualifications.
The company will not pay less than minimum wage for this role.
The compensation for the position is: $17.85 - $21.00
Cushman & Wakefield is an Equal Opportunity employer to all protected groups, including protected veterans and individuals with disabilities. Discrimination of any type will not be tolerated.
In compliance with the Americans with Disabilities Act Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position at Cushman & Wakefield, please call the ADA line at 1-888-365-5406 or email Accommodations@cushwake.com. Please refer to the job title and job location when you contact us.
INCO: “Cushman & Wakefield”