Incident Response Engineer

Richmond, VA

Posted: 04/12/2023
Industry: Technology
Job Number: 23-00169

Job Description

The first line of defense against cyber attacks is its Managed Cloud Security (MCS) operations team. The MCS team is made up of dedicated engineers who provide assistance to our customers on a 24x7x365 basis. Engineers use their prior security experience to monitor, support and bring context to detected security events. These engineers work closely with MCS escalation teams, Security Core engineering and the Expert Services team to detect and properly escalate security incidents, threats and vulnerabilities, while following defined procedures for incident response and security event management. This is an opportunity to work with experienced security professionals to learn security operations methodology and industry best practice.

Key Responsibilities:

- Monitor security alerts for customers
- Monitor (distributed) denial of service attacks at network and application levels
- Evaluate and triage security alerts
- Notify customers on security alerts of their interest
- Initiate and participate in war-room activities in response to threats and attacks
- Provision, deploy, configure and troubleshoot customer WAAP ruleset
- Prepare vulnerability reports and follow up with appropriate teams for remediation
- Assess and analyze web application and API protection (WAAP) and web traffic logs to help identify threats and potential vulnerabilities
- Assist customers with DDoS and threat mitigation on a live bridge
- Review SIEM for alerts and anomalies
- Interact with customers by phone, chat, or trouble ticket on their security or reporting opportunity to provide an exceptional customer experience every day
- Adjust to the unpredictable and changing work of cybersecurity
- Proactively identify potential threats and develop recommendations for corrective actions based on industry research and patterns identified within the environment
- Identify, research and validate protection against recently published Common Vulnerabilities and Exposures (CVE) reports for customers

Required Qualifications and Experience:

- 2 years of experience working in a Network Operations Center or Security Operations Center
- Strong written and verbal communication skills
- Knowledgeable about the current cybersecurity industry and trends, with experience working in internet, web security, identity management and web fraud
- Understanding of web environments and architectures, along with knowledge of HTTP, DNS, TCP/IP, FTP, and other internet protocols
- Knowledge of network troubleshooting tools: traceroute, ping, nmap, Wireshark, etc.
- Motivated self-starter who can work well with minimal supervision
- Ability to operate with urgency, focus, discipline, and minimal supervision
- Experience with multiple operating systems (Unix/Linux, Windows, macOS)
- Experience with Python or other scripting languages

Preferred Qualifications:

- Previous experience in a CDN
- Bachelor's Degree in Computer Science, Management Information Systems or relevant engineering/science fields
- Exposure to web programming (HTML, JavaScript, ASP, JSP)
- An industry-recognized security certification (CISSP, CISA, Security+, etc.)
- Experience with cloud platforms such as AWS, Azure, or Google Cloud
- Familiarity with the Open Worldwide Application Security Project Top 10

Kaztronix is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, sex, age, religion, disability, veteran status or any other consideration made unlawful by federal, state or local laws. In addition, all human resource actions in such areas as compensation, employee benefits, transfers, layoffs, training and development are to be administered objectively, without regard to race, color, religion, age, sex, national origin, disability, veteran status or any other consideration made unlawful by federal, state or local laws.

By applying to the position, you acknowledge that your information will be used by Kaztronix in processing your application.

Meet Your Recruiter

Terry Smith
