Cyber Security Engineer

Our international law firm client is seeking a Cyber Security Engineer to manage, provide technical support, implement, and troubleshoot all security products used by the organization. The ideal candidate must have significant hands-on experience with security technologies and solutions and also be comfortable to perform daily investigation of security incidents, security assessments and audits.

This is a remote role with the following hours:

Monday-Friday 6:00am-2:00pm Eastern Time and on-call rotation schedule

Key Responsibilities:

• Administer and engineer core security technologies, including firewalls, antivirus solutions, web filtering, DLP, IPS/IDS, NAC, DDOS protection, third-party remote access, application whitelisting, and endpoint detection and response platforms.
• Manage and tune SIEM technologies to ensure accurate threat detection and log visibility.
• Investigate and manage security events end-to-end through resolution.
• Oversee and maintain privileged access management (PAM) platforms.
• Conduct technical security audits, risk assessments, and security architecture reviews.
• Perform configuration audits for firewalls, networks, and systems.
• Execute vulnerability scans across networks, servers, applications, and cloud environments.
• Develop detailed weekly or periodic security reports and maintain operational metrics.
• Collaborate with external consultants and third-party vendors supporting security operations.
• Participate in ongoing review of new technologies, testing, proof-of-concepts, and product evaluations.
• Conduct malware analysis and research emerging exploit techniques used by threat actors.
• Perform proactive threat hunting activities.
• Support incident response processes as a core member of the cyber incident response team.
• Build, refine, and document processes to strengthen the organization’s overall security posture.
• Ensure that security controls align with client, audit, and regulatory requirements.

Requirements:

• Cisco network technologies
• Deep hands-on experience with Palo Alto firewalls across their full feature set
• Password vaulting solutions (CyberArk, BeyondTrust, etc.)
• Micro-segmentation platforms (Illumio or similar)
• SIEM tools such as Microsoft Sentinel or comparable solutions
• IDS/IPS tools (Vectra AI, Snort, Suricata, AlienVault, etc.)
• Endpoint security platforms (CB Application Control, Microsoft Defender, Defender ATP)
• Vulnerability scanning tools such as Nessus, Tenable, Rapid7 Nexpose, Cobalt Strike, etc.
• Open-source security toolsets (Kali Linux, Metasploit, Nmap, PowerShell Empire, Kerberoasting tools, SET, etc.)
• Vulnerability management platforms (Tenable IO, Nexpose, Qualys, etc.)
• Windows OS, Active Directory, DNS, DHCP, and SQL Server
• Linux operating systems (Ubuntu, CentOS, RedHat)
• Windows server and workstation hardening
• Scripting experience (Python, PowerShell, VBScript, etc.)
• Privileged account management platforms (CyberArk, BeyondTrust, etc.)
• Microsoft M365 E5 security stack and Azure security tools
• Required certifications: GIAC GSEC, PCNSE, OSCP

Qualifications:

• 5–7 years of experience in information security.
• Hands-on background in incident response, investigations, and forensic analysis.
• Strong understanding of security best practices across systems, networks, and cloud technologies.
• Ability to manage multiple initiatives in a fast-moving environment while maintaining attention to detail.
• Strong critical-thinking abilities with a problem-solving mindset and the ability to think beyond traditional approaches.
• Excellent communication, documentation, and interpersonal skills.
• Comfortable working independently with minimal supervision.
• Passionate about cyber defense and staying ahead of evolving threats.
• Bachelor’s degree in Computer Science, Information Systems, or equivalent professional experience