Information Security Senior Engineer

Summary

Join SonicWall, a leading cybersecurity company, as a Senior Engineer. This hands-on role involves measuring KPIs, implementing Zero Trust principles, and deploying a comprehensive cybersecurity program. You will troubleshoot security issues, respond to breaches, and participate in change management. The ideal candidate possesses strong problem-solving and communication skills, along with extensive cybersecurity experience. This remote position offers the opportunity to work with cutting-edge technology in a dynamic environment.

Requirements

• Bachelor’s Degree or an equivalent combination of education and work experience
• 6+ years of experience in Cybersecurity
• Knowledge of Windows, Macintosh and Linux systems
• Knowledge of regulations such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Health Information Portability and Accountability Act (HIPAA), etc
• Excellent written and oral communication skills in English with the ability to represent and advocate complex technical concepts externally
• Highly self-motivated and directed, and keen attention to detail
• CISSP, GCTI, GCFE, GCIH, GREM, OSCP
• Experience in public and private clouds: AWS, Azure, OpenStack, KVM, HyperV, VMWare

Responsibilities

• Measure Key Performance Indicators (KPIs) and metrics
• Partner with the Chief Security Architect to implement Zero Trust principles
• Provide input, coordinate, and participate in testing of new security designs
• Deploy a comprehensive cybersecurity program that includes ongoing patching of systems to address known vulnerabilities, and the continued use of tools and frameworks to prevent, detect, and minimize cyber threats
• Planning, implementing, managing, monitoring and upgrading security measures for the protection of Engineering\Corporate labs, systems, and networks
• Troubleshooting security and network problems
• Responding to all system and/or network security breaches in support of CSIRT
• Participating in the change management process
• Identifying, and addressing network and system vulnerabilities and data integrity threats
• Support privacy-based implementations for business and regulatory requirements
• Work closely with operational risk, compliance, legal, and audit teams
• Investigate incoming incidents by correlating information from tools like -EDR, NDR, Cloud Security, Threat Intelligence, sandboxes, and live forensics
• Use of OSINT tools like Virus Total, AbuseIPDB, IPVoid, Shodan etc. to better investigate security incidents
• Create new monitoring rules in SIEM for the onboarded technologies (e.g., Windows, Linux, Firewall, Proxy, O365, IPS, etc.)
• Perform fine-tuning on the existing rules to reduce the number of false positives across the organization
• Guides and supports Cyber Defense Team analysts with processes, tools, and alert investigation and response
• Able to conduct cyber risk assessments using frameworks or standards like NIST CSF, ISO 27001/2, PCI, CIS Top 20, CMMC, or other industry measurement tools
• Performs threat hunting and proactively identifies IOCs (indicators of compromise)

Preferred Qualifications

Results-oriented with a strong focus on quality

Benefits

#LI-remote