Mid -Level Cyber Security Engineer

• Monitor security alerts and data from various security platforms (e.g., SIEM, NDR, EDR, XDR) to detect and respond to potential threats.
  
• Utilize SIEM tools (e.g., Splunk, ArcSight, QRadar) to aggregate, analyze, and correlate logs and events for threat detection and incident investigation.
  

• Lead or participate in incident response activities, including analysis, containment, eradication, and recovery.
  
• Use SOAR platforms (e.g., Demisto, Phantom, Swimlane) to automate and orchestrate incident response workflows.
  
• Investigate security incidents across endpoints, networks, and applications and provide recommendations for remediation.
  
  

• Leverage threat intelligence feeds and integrate them with SIEM/XDR platforms to enhance detection capabilities.
  
• Continuously tune and optimize security tools to improve detection and response times, minimizing false positives.
  

• Manage and fine -tune the configuration of security tools, including McAfee ePO, Antivirus, EPP (Endpoint Protection Platform), and DLP (Data Loss Prevention) solutions.
  
• Support the implementation and maintenance of network and endpoint security solutions (EDR, NDR, XDR).
  

• Ensure data security policies are enforced using Data Loss Prevention (DLP) tools and data classification frameworks.
  
• Implement and enforce best practices for protecting sensitive and confidential data, adhering to internal and external compliance requirements.
  

• Work with vulnerability management teams to identify, assess, and remediate security weaknesses across the enterprise infrastructure.
  
• Conduct regular assessments to ensure endpoint protection and security tools are up to date and fully operational.
  

• Work closely with IT, Network, and Development teams to ensure security measures are incorporated into the infrastructure and applications.
  
• Provide regular reports to management on security incidents, trends, and improvements to the security posture.
  

• Assist in creating and delivering security awareness training for employees, ensuring that security protocols and best practices are understood and followed.
  

• Maintain documentation of security incidents, investigations, and system configurations in accordance with compliance and audit standards.
  
• Assist in compliance efforts for relevant security frameworks and regulations (e.g., GDPR, HIPAA, PCI -DSS).
  

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent work experience.
  

• 3 -5 years of experience in security operations or a related field, with hands -on experience using a variety of security technologies and tools.
  

• Security Tools: Extensive experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight), SOAR (e.g., Demisto, FortiSoar), EDR (e.g., CrowdStrike, Cybereason, Carbon Black), XDR, NDR, EPP, DLP, and Data Classification tools.
  
• Endpoint Security: Familiarity with McAfee ePO, Antivirus solutions, and endpoint protection tools.
  
• Network Security: Experience with network security technologies, firewalls, IDS/IPS, and NDR platforms.
  
• Scripting & Automation: Experience with scripting languages (e.g., Python, PowerShell) to automate security workflows and incident response processes.
  
• Threat Intelligence & Analysis: Ability to consume and integrate threat intelligence into security operations tools.
  
• Cloud Security: Familiarity with cloud platforms (AWS, Azure, GCP) and security considerations for cloud infrastructure.
  

• Certified Information Systems Security Professional (CISSP)
  
• Certified Ethical Hacker (CEH)
  
• GIAC Security Operations Certified (GSOC)
  
• Certified Incident Handler (GCIH)
  
• CompTIA Security+ or equivalent
  

• Strong analytical skills with the ability to triage and investigate security events.
  
• In -depth understanding of security operations, incident response, and risk management.
  
• Strong troubleshooting skills and ability to think critically under pressure.
  
• Excellent communication skills, including the ability to explain complex technical concepts to non -technical stakeholders.
  
• Proactive and collaborative mindset, able to work effectively across multiple teams.
  
• A deep understanding of emerging security threats and trends, with a passion for continuous learning.