This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

The Cyber Security Engineer provides hands-on cybersecurity engineering and advisory services to Meriplex clients. This role works directly with client environments to design, deploy, configure, and support security technologies across infrastructure, cloud services, networks, and endpoints. The engineer partners with clients to understand their technical environment, security maturity, and business objectives, and delivers solutions that improve security outcomes while aligning with operational needs. This role also provides subject-matter expertise, documentation, and guidance to both clients and internal teams supporting client engagements.

• Design and secure security infrastructure to ensure a robust and resilient security posture.
• Perform complex deployments of security technologies.
• Execute information security activities such as vulnerability management, application development security, business continuity, networking, risk management, etc.
• Collaborate with cross-functional teams to integrate security controls and protocols into the client's infrastructure and applications.
• Develop and maintain security documentation, including architecture diagrams, standard operating procedures, and incident response playbooks.
• Understand various security framework standards and compliance requirements, such as NIST 800-53, ISO 270001, NIST CSF, CIS.
• Stay up-to-date with emerging security threats, vulnerabilities, and industry trends, and proactively recommend and implement countermeasures to enhance clients’ security posture.
• Provide technical expertise and guidance to clients and internal teams on security best practices, technologies, and regulatory compliance requirements.
• Research, evaluate, and drive next generation security technologies and solutions to solve organizational needs.
• Assist in incident response activities such as firewall log review, firewall configuration, SIEM review, XDR review.

Qualifications

• Strong customer service skills.
• Strong networking and security knowledge.
• Ability to apply secure system design tools, methods, and techniques.
• Strong interpersonal skills and team-oriented attitude.
• Coachable and able to turn feedback into results moving forward.
• Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Superior analytical and critical thinking skills.
• Understanding of how information travels.
• Familiar with incident response language.
• Well-rounded technical knowledge in Windows, Mac, Linux OS, VMware, Fortinet, SonicWALL, Palo Alto preferred.
• Strong experience with EDR/XDR technology such as Sentinel One and Crowdstrike.
• Strong understanding of a range of compliance, regulatory, and legal requirements and relevant principles, best practices, and standards across multiple industries.
• Knowledge of the MITRE ATT&CK framework and Cyber Kill Chain.
• Familiarity with scripting languages such as bash, PowerShell, python, KQL.

Requirements

• 5+ years of security industry experience or equivalent skill level.
• 5+ years of experience managing Active Directory and Windows Server.
• Bachelor’s degree in a relevant field is a plus but not required.
• Experience with systems administration and network infrastructure is required.
• Previously assessed, developed, implemented, operationalized, and documented comprehensive security technologies and processes.

Certifications

• Security+, CCSP or similar desired.
• (ISC)² Certified Information Systems Security Professional (CISSP) preferred.

Physical Demands

Sedentary Work – Exerts up to 10 pounds of force occasionally, a negligible amount of force frequently, and/or constantly having to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time.

Disclaimer

The above information in this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.