Cyber Security Engineer

Key Responsibilities

• Administer and engineer core security technologies, including firewalls, antivirus solutions, web filtering, DLP, IPS/IDS, NAC, DDOS protection, third-party remote access, application whitelisting, and endpoint detection and response platforms.
• Manage and tune SIEM technologies to ensure accurate threat detection and log visibility.
• Investigate and manage security events end-to-end through resolution.
• Oversee and maintain privileged access management (PAM) platforms.
• Conduct technical security audits, risk assessments, and security architecture reviews.
• Perform configuration audits for firewalls, networks, and systems.
• Execute vulnerability scans across networks, servers, applications, and cloud environments.
• Develop detailed weekly or periodic security reports and maintain operational metrics.
• Collaborate with external consultants and third-party vendors supporting security operations.
• Participate in ongoing review of new technologies, testing, proof-of-concepts, and product evaluations.
• Conduct malware analysis and research emerging exploit techniques used by threat actors.
• Perform proactive threat hunting activities.
• Support incident response processes as a core member of the cyber incident response team.
• Build, refine, and document processes to strengthen the organization’s overall security posture.
• Ensure that security controls align with client, audit, and regulatory requirements.

Required Skills & Experience

• 5–7 years of experience in information security.
• Hands-on background in incident response, investigations, and forensic analysis.
• Strong understanding of security best practices across systems, networks, and cloud technologies.
• Ability to manage multiple initiatives in a fast-moving environment while maintaining attention to detail.
• Strong critical-thinking abilities with a problem-solving mindset and the ability to think beyond traditional approaches.
• Excellent communication, documentation, and interpersonal skills.
• Comfortable working independently with minimal supervision.
• Passionate about cyber defense and staying ahead of evolving threats.

Required Technical Expertise

• Cisco network technologies
• Deep hands-on experience with Palo Alto firewalls across their full feature set
• Password vaulting solutions (CyberArk, BeyondTrust, etc.)
• Micro-segmentation platforms (Illumio or similar)
• SIEM tools such as Microsoft Sentinel or comparable solutions
• IDS/IPS tools (Vectra AI, Snort, Suricata, AlienVault, etc.)
• Endpoint security platforms (CB Application Control, Microsoft Defender, Defender ATP)
• Vulnerability scanning tools such as Nessus, Tenable, Rapid7 Nexpose, Cobalt Strike, etc.
• Open-source security toolsets (Kali Linux, Metasploit, Nmap, PowerShell Empire, Kerberoasting tools, SET, etc.)
• Vulnerability management platforms (Tenable IO, Nexpose, Qualys, etc.)
• Windows OS, Active Directory, DNS, DHCP, and SQL Server
• Linux operating systems (Ubuntu, CentOS, RedHat)
• Windows server and workstation hardening
• Scripting experience (Python, PowerShell, VBScript, etc.)
• Privileged account management platforms (CyberArk, BeyondTrust, etc.)
• Microsoft M365 E5 security stack and Azure security tools

Education & Certifications

• Bachelor’s degree in Computer Science, Information Systems, or equivalent professional experience
• Required certifications: GSEC, GCIH, GPEN, GCED, PCNSE or OSCP (Must have one of these certs).

The Phoenix Group Advisors is an equal opportunity employer. We are committed to creating a diverse and inclusive workplace and prohibit discrimination and harassment of any kind based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. We strive to attract talented individuals from all backgrounds and provide equal employment opportunities to all employees and applicants for employment.