Job Openings Endpoint Engineer

About the job Endpoint Engineer

Endpoint Engineer Job Description

5iron is a privately held, rapidly growing company, providing best-in-class managed cybersecurity operations in the financial sector. 5iron redefines industry expectations by taking an active role in the protection of financial organization, delivering eyes on 24x7x365 cybersecurity operations to effectively minimize cyber risk inside these organizations. Bringing years of information security experience with financial institutions, our managed security operations protect critical network infrastructure from the growing number of threats to banks and the financial services industry.

5irons Security Operations Center (SOC) is located in Franklin, Tennessee and all security operations are run from this facility. 5iron does not use a Virtual SOC in which Security Analysts work from home or another remote location which can slow response times and affect client security. Our goal is more than notificationOur goal is remediation and resolution.

We are seeking an Endpoint Engineer to join our growing SOC team.

RESPONSIBILITIES

  • Analyze and monitor endpoint platforms for security risks to detect and act as escalation point for advanced threats/issues.
  • Perform security event triage and initial incident response to detected threats.
  • Assist other groups by providing endpoint log and troubleshooting information to resolve production issues.
  • Regularly plan and update/create endpoint policies or controls as needed to enhance security.
  • Identify potential gaps and offer solutions to include internal team needs, product improvements and client security postures.
  • Communicate and enforce Information Security policies.
  • Coordinates with other team members and management to investigate, document and report incidents.
  • Regularly create and maintain high quality documentation for knowledgebases, changes, and procedures.
  • Collaborate with our Threat Analysis Unit to provide in depth reports of confirmed security incidents and produce technical threat advisory broadcasts about new and emerging threats.
  • Assist/lead new endpoint product implementation to clients.

REQUIREMENTS

  • Expertise in Application Control (WDAC, Carbon Black Application Control)
  • Experience with endpoint security tools, Nextgen Anti-Virus (NGAV), and Endpoint Detection and Response (EDR)
  • Experience with APIs as they relate to security tools.
  • Proficiency with three or more of the below:
    • Threat Hunting.
    • SIEM and Log Management experience (Splunk, IBM QRadar, HP ArcSight, LogRhythm, Stellar Cyber, etc.).
    • Analysis and Forensic Tools (FTK, EnCase, ProcMon, WireShark, etc.).
    • Malware sandboxing experience.
    • Penetration Testing Tools (Metasploit, Kali, Atomic Red Canary, etc.).
    • IOC Management.

PREFERRED EXPERIENCE

  • BS/BA degree in Computer Science, Information Systems, related discipline, or equivalent experience.
  • 3-5 years of professional work experience in the cybersecurity industry.
  • The ideal candidate will have macOS and Windows operating system experience, as well as scripting skills. Linux/Unix skills are a plus.
  • Strong analytical skills to define risk, identify potential threats, and develop and document action/mitigation plan.
  • Strong interpersonal skills, ability to mentor/train staff and bring awareness to current and emerging threats.
  • Ability to work efficiently and self-motivate with little to no supervision.
  • Certification/training a plus: CISSP, SAN GIAC Certifications (GCIH, GPEN, GSEC, etc.), CompTIA (Security+, CYSA+, etc.), Carbon Black/VMware, Crowdstrike, SentinelOne, etc.
  • Strong written and verbal communications skills with an ability to present technical risks and issues to technical and non-technical audiences internal and external to the organization.
  • Regulatory experience is a plus (GDPR, ISO27K, SSAE16, HIPAA, PCI, FISMA, etc.).

ADDITIONAL

  • All candidates will be required to take an extensive background screen, credit screen, and drug screen prior to employment.

Five Iron offers premium benefits that are intended to support our people and their families. These include:

  • Company-paid health, dental and vision insurance plans for the employee
  • Up to a 4% 401k company match that vests immediately, its yours to keep
  • Generous paid time off and 10 holidays per year
  • Paid time off to vote and volunteer
  • Paid time off on your birthday because its your special day
  • Up to $100 per month for your internet and cell phone service
  • Team building events
  • Employee-selected lunch served every Friday

This is an on-site position in the 5iron SOC in Franklin, TN

Job Type: Full-time