Information Security Operations Engineer

Job Title

Information Security Operations Engineer

Job Description Summary

Job Description

  • Serves as the regional point of contact for security escalations/requests and escalates requests to Security architecture as needed.
  • Responsible for the identification and assessment of enterprise risks. Identifies, evaluates, and tests appropriate security products, tools, and systems to ensure alignment with the CushWake global security posture.
  • Articulates security policies, guidelines and standards to customers and developers. Able to apply theories, concepts, principles, and methodologies to difficult but conventional assignments. Assignments are given in terms of objectives to be met.
  • Works independently within an established framework.
  • Develop techniques and procedures for conducting IS and cyber security risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents.
  • Implement IS and cyber security policies and take measures against intrusion, frauds, attacks, or leaks.
  • Continue to build knowledge of the organization, processes, and customers. Performs a range of straightforward assignments. Use prescribed guidelines or policies to analyze and resolve problems. Receives a moderate level of guidance and direction.
  • Partners with Security Architecture on critical scope delivery
  • Reviews security INC(s) to ensure proper processes have been followed and to identify additional IoA(s)/IoC(s).
  • Perform proactive, hypothesis-driven threat hunting using telemetry from endpoints, identities, cloud, and network to identify malicious activity, abnormal behaviors, and emerging attacker techniques.
  • Serves as the security stakeholder for IR/MIM activities until Security Architecture and/or senior leadership can engage.

Desired Technical Skillset:

  • Experience responding to security incidents in enterprise environments, with a deep understanding of the Incident Response cycle.
  • Deep understanding of cybersecurity concepts, principles, and best practices
  • Knowledge of security frameworks and standards (e.g., NIST)
  • Comprehensive understanding of technical architectures including networking, application and system architecture, web technology, and common internet and ICS protocols
  • Knowledge of Windows and Mac operating systems and their security features
  • Understanding compliance requirements
  • Experience with administering or architecting solutions in:
    • Zscaler
    • CrowdStrike
    • Mimecast
    • Wiz
    • MS Defender
  • Emphasis on Identity, setting up and analyzing Conditional Access Policies
  • Experienced operating as an administrator across security platforms and executing changes per the Security Architecture group's design.
  • Direct long-term tracking and analysis of Advanced Persistent Threat (APT) actors, including TTPs, infrastructure, and campaign evolution, to inform risk models and defense strategies.
  • Guide the implementation of threat hunting methodologies using SIEM, EDR and advanced telemetry to surface adversarial tactics, techniques, and procedures across the enterprise.
  • Sponsor and oversee the use of statistical, spatial, and qualitative threat modeling
  • Expert level understanding of standard risk classification schemes including CVSS
  • Strong organization skills and effective communication on risk with experience presenting to an executive audience
  • Mastery of cybersecurity core concepts & terminology, including the vulnerability management lifecycle, typical risks and risk management approaches, customer expectations and behavior
  • Composure and clear thinking during high pressure situations
  • Capable of performing technical and business risk analysis on cybersecurity issues.
  • Ability to analyze problems, ask questions, and come up with potential solutions within the confines of our security standards
  • Ability to work in multiple areas but track through issue resolution.

INCO: “Cushman & Wakefield”
