Sr. Cybersecurity Engineer

Piedmont, United States | Softworld Inc | Full time

Job Title: Sr. Cybersecurity Engineer

Location: Oakland CA 94612 (Hybrid)

Onsite Requirements:

Cybersecurity Engineer (7+ years)

Job Description:

Responsibilities:

Lead the charge in identifying cyber risks and offering insightful recommendations for enhancement.
Strategize and oversee operations activities including threat monitoring, incident response, and vulnerability management, alongside identity and access management systems.
Evaluate and recommend enhancements for security architecture and configuration of IAM systems.
Develop, implement, and maintain robust cybersecurity measures to fortify our services infrastructure and safeguard our data.
Craft and maintain custom security tools and scripts to streamline security assessments and red teaming activities.
Stay abreast of the latest security threats, vulnerabilities, and attack techniques, researching and experimenting with new tools and methodologies to bolster our defenses.
Plan, execute, and analyze complex attack scenarios to emulate advanced threat actors, contributing to the refinement of tactics, techniques, and procedures used by adversaries.
Build, deploy, and manage security tools, automating security processes using Python or other languages.
Develop and maintain comprehensive security documentation and communicate security updates to employees and stakeholders.
Conduct tabletop exercises with internal stakeholders, drawing insights to recommend improvements based on lessons learned.

Qualifications:

7+ years of experience in cybersecurity.
Extensive experience with Linux, macOS, and Windows internals.
Proficiency in EDR technologies and evasion techniques.
Sound understanding of the Software Development Life Cycle.
Hands-on experience with network security, encryption, threat modeling, discovery, vulnerability, and penetration testing.
Familiarity with a variety of security tools and products (e.g., firewalls, antivirus, intrusion detection systems).
Proficiency in network tools such as nmap, Wireshark, and Metasploit.
Experience with systems like Windows Server 2016+, Active Directory, and Linux.
Development experience in scripting languages like Python, bash, JavaScript, or Perl is a plus.
Broad understanding of network protocols including SMTP, DNS, and HTTPS.
Familiarity with the MITRE ATT&CK framework tactics and techniques.
Proficiency in computer forensics and digital investigation skills.
Excellent written and verbal communication abilities.