K2 Integrity is looking for a senior cyber security engineer for its cyber risk services practice. Cyber Risk Services is responsible for providing a holistic, all-inclusive, end-to-end approach to cyber security consulting. Members of the team will be involved with highly technical operations such as forensic analysis and penetration testing, as well as consulting and advising client decision makers.
- Conduct forensic investigations of phishing alerts, cloud security and threat analytics, and alerts for malware or spyware.
- Provide second and third level support to monitor security systems (e.g., firewalls, email security mechanisms, data loss prevention systems, etc.)
- Investigate, analyze, report, and escalate (if necessary) security events from the SIEM tool.
- Manage cybersecurity setup and troubleshooting for private clients and small office environments.
- Monitor and review VA & PT scans.
- Participate in the evaluation of tools and creation of customized methodologies and applications.
- Independently produce high-quality reports, maintaining accurate and organized records of work.
- Manage multiple projects of a diverse nature, concurrently.
- Conduct verbal briefings for project managers, senior management and/or clients.
- Contribute to the department by identifying and developing new resources and tools to improve research and analysis methodologies.
- Other duties as assigned.
- Bachelor’s degree in computer science or a cyber security-related field. Master’s degree preferred.
- 7+ years of relevant experience within information technology, cyber risk or digital forensics.
- Experience in security systems administration languages.
- Functional knowledge of networking technology including routing, switching, firewalls, VPN, remote access.
- Experience securing M365/GSuite/AWS environments; developing scripts or queries to generate reports against Active Directory; preventing Active Directory credential theft attacks such as Pass the Hash, Golden Ticket or lateral movement; monitoring and analyzing logs from Active Directory; group policy objects, security log analysis and delegation of permissions.
- Experience with Security Information and Event Management (SIEM) and Log aggregation platforms using Splunk, Snowflake, Quest, or StealthBits.
- Knowledge and experience with incident response and intrusion detection.
- GIAC Certification or CEH, GNFA, GCIA highly preferred.
- Working knowledge of Wireshark, Splunk, and related software; familiarity with vendor security mechanisms, such as Cisco, Imperva, Rapid7, and LogRhythm.
- Ability to analyze complex topics, make informed analytical judgements, and accurately and thoroughly document findings, providing clear and concise reports/briefings to senior management and/or clients.
- High-level critical thinking, analytical, and troubleshooting skills.
- Strong teamwork and interpersonal skills.
- Demonstrated ability to be flexible and perform efficiently in a fast-paced, changing environment.
- Ability to travel, as needed.