Englewood, CO
Engineer 3, Network Engineering - Security

Perform incident handling for cloud-based cyber security alerts and provide playbook documentation for alerts; use Splunk and Bluevector for End Point Protection; use Xsoar for case tracking and automation for security incidents; use ProofPoint for email protection; use CrowdStrike Endpoint Detection and Response solution; develop software using Jira; use Stealth Watch for Network Detection and Response; scan for vulnerabilities using Tenable; use Service Now ticketing system; provide cloud security using Microsoft MCAS; use Eracent for enterprise inventory management; use ThreatQ to gather security intelligence; use InTune for mobile device security management; work with Databricks log database; utilize Fortinet UTM and PaloAlto as Firewalls, Intrusion Prevention Systems, and Anti-Virus; use Microsoft IAM tools, including Defender for Identity; use end point security tools including Uptycs and Opens; work with the Network and Systems Engineers to create, maintain, and enforce security policies affecting the network; secure all information and information systems assets of the Company network infrastructure; design, install, and manage operations of VPN, SoHo, WAF, IDS, DDoS, Partner Access Solutions, Network Security Stack powering Zero-Trust, Firewalls, and micro-segmentation protection for the CCS operations infrastructure; ensure implementation of security safeguards to the Company's IP network; collaborate with the Network Operations team to ensure disaster recovery plans are viable and current; work with the Network Operating Center to maintain up-to-date troubleshooting guides that pertain to security; recommend policy for responding to security incidents; research new and/or updated technologies as they become available; perform regular penetration tests and vulnerability assessments; take the lead on security audits; provide detailed case notes which cover the Incident Response Lifecycle from Detection to Post Incident; provide report summaries to Tech Leads, Legal, and Management on third party incidents, including major incidents; act as SME in Incident Handling, including the toolsets that are used, by being an escalation point for more junior staff.

REQUIREMENTS: Bachelor's degree, or foreign equivalent, in Computer Science, Engineering, or related technical field, and two (2) years of experience performing incident handling for cloud-based cyber security alerts and providing playbook documentation for alerts; using Splunk for End Point Protection; using Xsoar for case tracking and automation for security incidents; of which one (1) year of experience includes using Bluevector; using ProofPoint for email protection; using CrowdStrike Endpoint Detection and Response solution; developing software using Jira; using Stealth Watch for Network Detection and Response; scanning for vulnerabilities using Tenable; using Service Now ticketing system; providing cloud security using Microsoft MCAS; using Eracent for enterprise inventory management; using ThreatQ to gather security intelligence; using InTune for mobile device security management; working with Databricks log database; utilizing Fortinet UTM and PaloAlto as Firewalls, Intrusion Prevention Systems, and Anti-Virus; using Microsoft IAM tools, including Defender for Identity; and using end point security tools including Uptycs and Opens.