Cybersecurity Engineer

Job Overview We seek a hands-on Cybersecurity Engineer with proven experience deploying and operationalizing enterprise security solutions. You will implement EDR, NDR, SIEM, CSPM, IAM, and PAM technologies for commercial/government clients while ensuring alignment with MITRE ATT&CK and compliance frameworks (NIST, ISO 27001, IM8). This role requires deep technical execution skills and solution integration expertise. Core Responsibilities Solution Deployment & IntegrationEndpoint: Deploy/manage CrowdStrike/SentinelOne (policy tuning, threat hunting packages) NDR: Implement Darktrace/Vectra NDR with network segmentation enforcement SIEM: Architect Splunk/Sumo Logic deployments (on-prem/cloud) with SOAR playbooks Cloud Security: Configure CSPM (Wiz, Lacework), CNAPP (Prisma Cloud), and IaC scanning IAM/PAM: Rollout CyberArk/Okta/PingIdentity (privileged session monitoring, RBAC workflows) Technical OptimizationDevelop detection rules (Sigma, YARA) for APT groups targeting SEA Integrate solutions into CI/CD pipelines (Jenkins, GitLab) Conduct solution hardening using CIS benchmarks Client Delivery & HandoverLead, Develop, Conduct UAT & SSAT for assigned projects Create operational runbooks, Design Documents, Configuration guide Train client staff on solution management Technical Requirements Solution Deployment ExperienceEDR/XDR: CrowdStrike, SentinelOne, Microsoft Defender or equivalent NDR: Darktrace, Vectra, ExtraHop or equivalent SIEM/SOAR: Splunk ES, QRadar, Chronicle, Torq - Use case development, SOAR playbook automation Cloud Security: Wiz, Prisma Cloud, AWS Security Hub - CSPM policy packs, cloud asset inventory IAM/PAM: CyberArk, Okta, Azure AD PIM - Privileged access workflows, RBAC policy enforcement Technical Competencies Scripting: Python/PowerShell for API integrations (e.g., SIEM-EDR correlation) Networking: TCP/IP stack, Zero Trust segmentation (Zscaler, Illumio) Cloud Platforms: AWS IAM, Azure Sentinel, GCP Security Command Center Compliance: Implement controls for NIST 800-53, ISO 27001, IM8 Certifications Required: CISSP, vendor certs (e.g., CrowdStrike CCSF, Splunk Power User) Cloud: AWS Security Specialty/Azure SC-200 IAM: CyberArk Defender/Okta Certified Professional Experience & Qualification Requirements Bachelor’s degree in IT, Cyber Security or equivalent 5+ years deploying cybersecurity solutions EDR/NDR: 3+ enterprise deployments (500+ endpoints) SIEM: 2+ full lifecycle implementations Cloud Security: CSPM/IAM rollout for AWS/Azure/GCP PAM: CyberArk/Thycotic deployment with vaulting solutions Govt project exposure (IM8, CSA Cyber Essentials) preferred Excellent communication and interpersonal skills. Ability to work independently and within a team #J-18808-Ljbffr