Cyber Security Engineer - Hybrid Alexandria, VA

Position Title: Cyber Security EngineerLocation: Alexandria, VA - Hybrid weeklySalary: $145-160K + BonusNo sponsorship availableResponsibilities· Ensuring anomalous activity is detected and the potential impact of events is understood· Ensuring that information systems and assets are monitored to identify cybersecurity events and verify the effectiveness of protective measures· Ensuring detection processes and procedures are maintained and tested to ensure awareness of anomalous events· Ensuring response activities are coordinated with internal and external stakeholders (e.g., external support from service providers)· Ensuring analysis is conducted to ensure effective response and support recovery activities· Ensuring activities are performed to prevent expansion of an event, mitigate its effects, and resolve the incident· Ensuring response processes and procedures are executed and maintained, to ensure response to detected cybersecurity incidents· Ensuring recovery processes and procedures are executed and maintained to ensure restoration of systems or assets affected by cybersecurity incidents· Ensuring recovery planning and processes are improved by incorporating lessons learned into future activities· Ensuring restoration activities are coordinated with internal and external parties (e.g. coordinating centers, other CSIRTs, and vendors)Requirements for success:Experience requirement:· Minimum of 3 years’ experience working as a systems engineer or administrator· Minimum of 4 years’ experience working as a security analyst· Minimum of 5 years’ cybersecurity experienceEducation and/or certification requirement:· GCIH, GCIA, GMON, GCED, or equivalent GIAC defense focused certifications desired· Certifications by EC-Council, ISC2, Cisco, Microsoft, Fortinet, CompTIA, Offensive Security, etc. to be considered based on relevance to defensive cybersecurity operations· Bachelor’s Degree in a related field such as cybersecurity, information technology, or computer science; equivalent combination of education and experience may be consideredSkills and abilities:· Extensive experience threat hunting, Digital Forensics Incident Response (DFIR), across on prem and multiple cloud provisions· Experience working with threat intelligence and protection platforms like Zerofox, Cyabra, etc.· Experience working with EDR platforms like Microsoft Defender, Carbon Black or CrowdStrike, to name a few.· Experience working with Managed Detection and Response (MDR) for endpoints, networks (NDR), email security, log analytics, SIEM and SOAR platforms like Darktrace, Red Canary, etc.· Experience in IAM/PAM, EPM, SSOi, ERP platforms· Some experience working with firewalls, WAFs, IDP/IDS/IPS, DLP, including policy setup for Fortinet, Cisco, etc.· Ability to participate as a technical lead on all projects requiring cybersecurity expertise and consultation· Ability to lead a Cybersecurity Incident Response Team (CIRT), Computer Security Incident Response Team (CSIRT) and Managed Security Services Partners (MSSPs) in the execution of daily incident response activities· Ability to deploy, integrate, configure, and maintain systems which comprise the overall cybersecurity technology stack· Ability to communicate complex cybersecurity concepts in a clear and concise manner for laypersons unfamiliar with cybersecurity and/or IT concepts· Desire and ability to help drive organizational adoption and buy-in of cybersecurity policies and standards across the organization· Eagerness to develop, grow, and maintain strong inter-team relationships across the business to aid in the accomplishment of the missionPreferred qualifications:· Expert knowledge in the following technologies and concepts: DFIR, IAM, PAM, DLP, NGFW, EDR, SIEM, IDS/IPS· Strong foundational knowledge in IT technologies and concepts not limited to email security technologies, application security, cloud security (IaaS & PaaS, etc.), MITRE ATT&CK, SIEM, SOAR, CASB, MSSPs, DNS, Linux, Windows· Fundamental knowledge of NIST, MDM, OWASP, PowerShell/Python/JavaScript, MacOS, malware analysis, LOLBAS, vulnerability management, WAF, CIS BenchmarksAddison Group is an Equal Opportunity Employer. Addison Group provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state, and local laws. Addison Group complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. Reasonable accommodation is available for qualified individuals with disabilities, upon request.