Cybersecurity Solutions Engineer
Company: Liberty Mutual
Location: Somerville
Posted on: May 14, 2022
Job Description:

Job Summary

The Cybersecurity Solutions Engineer is a role
within the Liberty Mutual Cybersecurity Operations Center
responsible for building and implementing new capabilities for
cyber threat hunting, monitoring and identification of anomalous
activity for the Cyber Security Operations Center. Conduct threat
monitoring and hunting while utilizing cyber threat intelligence to
expand capabilities beyond SIEM detections. Utilize threat data to
conduct investigations which may result in security incidents. The
role includes mentoring Senior CSOC engineers through incident
response consultation or through incident escalation. This is a
critical front-line cyber security role responsible for protecting
Liberty Mutual's assets, networks, and systems from cyber threats.

Job Responsibilities

Perform threat hunting and risk assessments, conduct incident handling tasks based on daily process and/or procedure.
Identify potential security control gaps in an enterprise environment and provide solutions to mitigate compromise.
Review threat intelligence to ensure the enterprise is prepared to defend against attacks.
Complete threat assessments to properly scope organization-wide incidents.
Conduct threat hunting across the enterprise network to discover indicators of a network breach or system compromise.
Comprehensive knowledge of Firewall, IDPS and WAF logs, ability to hunt for threats across the perimeter and across cloud environments.
Incorporate cyber threat intelligence to enhance hunting capabilities.
Investigate alerts generated by network security controls to prevent data loss and maintain the integrity of corporate information.
Participate in Financial sector and Information Security communities to share and consume intelligence to further enhance discovery capabilities.
Analyze files and binaries for indicators of malicious capabilities resulting in reporting on findings which can be used for retrospective or future detection.
Provide mentoring to Senior Cybersecurity Engineers on the processes of advanced information security investigation, threat hunting and incident procedures.
Develop applications or scripting for forensic and incident response analysis.
Deep understanding of key business initiatives; identifies improvements that address highly complex functional and technical gaps within a single business process.
Provides consultation on highly complex technology to address security gaps which enable business processes.
Ability to lead projects and enhance technology capabilities which support long term strategies.
Works closely with Security Architects team to drive adaptation of security standards across the organization.
Ability to influence change to security posture through data driven analysis.
Required 24x7 on-call participation per on-call rotation.
Apply continuous iteration to current processes and monitoring based on lessons learned.

Preparation, Training, and Experience

Collegiate level degree in Computer Science, Computer Engineering, Information Security, or other related discipline
Active Cybersecurity certifications such as GCIH, GSEC, GREM, GCFA, GCFE (GCIH desirable)
8 years of recent experience working as an information security professional
Previous experience working in a Cyber Security Operations Center is desirable
Must have excellent trouble-shooting and problem-solving skills
Knowledge of frameworks, standards, and best practices such as NIST, PCI, CIS-CSCs, COBIT, MITRE ATT&CK, Cyber Kill Chain, etc.
Demonstrated experience working independently as a digital forensics and incident responder
Demonstrated understanding of General IT knowledge, Security Fundamentals, Network Systems, Firewalls, IDS/IPS Systems, Security Email Flow, End-point Security, and Network Security concepts, Windows & Linux Systems Administration, malware analysis, cyber threat hunting, cyber threat intelligence, offensive tactics, techniques, and procedures, and cloud security fundamentals.
Demonstrated experience with application security.
Experience using Security Information Event Management platform/case management.
Desirable experience building playbooks, scripts, and development of automation in support of security operations.
Excellent oral and written communication skills.

Desired Certifications:

CompTIA Linux+; CompTIA Network+
SANS GIAC GSEC GREM GCIH
Cisco CCNA Cyber Ops
CompTIA CySA+
OSCP
ISC2 CISSP or SSCP
Microsoft Azure / AWS Security / ISC2 CCSP / CSA CCSA

At Liberty Mutual, our purpose is to help people embrace today
and confidently pursue tomorrow. That's why we provide an
environment focused on openness, inclusion, trust and respect.
Here, you'll discover our expansive range of roles, and a workplace
where we aim to help turn your passion into a rewarding profession.

Liberty Mutual has proudly been recognized as a "Great Place to
Work" by Great Place to Work US for the past several years. We were
also selected as one of the "100 Best Places to Work in IT" on IDG's
Insider Pro and Computerworld's 2020 list. For many years running,
we have been named by Forbes as one of America's Best Employers for
Women and one of America's Best Employers for New Graduates, as well
as one of America's Best Employers for Diversity. To learn more
about our commitment to diversity and inclusion please visit:

We value your hard work, integrity and commitment to make things
better, and we put people first by offering you benefits that
support your life and well-being. To learn more about our benefit
offerings please visit:

Liberty Mutual is an equal opportunity
employer. We will not tolerate discrimination on the basis of race,
color, national origin, sex, sexual orientation, gender identity,
religion, age, disability, veteran's status, pregnancy, genetic
information or on any basis prohibited by federal, state or local
law.
Keywords: Liberty Mutual, Somerville, Cybersecurity Solutions Engineer, Engineering, Somerville, Massachusetts