This position is within the cybersecurity organization at Digital Maelstrom. Candidates will work closely with other engineers, principal consultants, and various client contacts such as stakeholders, architects, business analysts, client IT personnel, and management.
Duties
- Demonstrated ability to work independently, as part of a team of peers, and to support and contribute to a multidisciplinary team environment charged to secure client organizations from threats and vulnerabilities as part of a broader information security program.
- Must possess strong interpersonal and English communications skills; capable of writing purchase justifications, training users/team members in complex topics, making/giving presentations.
- Must be an individual of high integrity and be a model of unwavering integrity to others.
- Commitment to fostering a diverse working environment.
- Analyze and troubleshoot complex problems and provide technical and software solutions using a diverse mix of cutting-edge technologies.
- Ability to work effectively with customers to solve business challenges while balancing the need for confidentiality, integrity, and availability.
- Demonstrated ability to resolve issues in a variety of complex situations which require complex judgments and solutions based on sophisticated analytical thought.
- Demonstrated ability to solve complex problems, convey both oral and written English instruction, and handle multiple task interruptions while providing services in a professional and courteous manner.
- Proven ability to work with diverse audiences and translate technical information into non-technical information.
- Strong understanding of security technologies and strategies, including but not limited to firewall, IDS, policy management, security processes/best-practice, logging/monitoring, antivirus, vulnerability assessment, patch management, and incident response.
- Solid knowledge of common and emerging attack vectors, penetration methods and countermeasures.
- Knowledge of conflict resolution and incident escalation.
- Perform research, present analysis, and provide recommendations about systems, vulnerabilities, security controls, and recommend improvements which are consistent with business goals.
- Break down complex requirements into clear, actionable tasks which can be estimated and completed.
- Assist in the development, documentation, design, implementation, and testing of security controls for clients in conjunction with senior engineers.
- Review, triage, support, and escalate various kinds of IT related incident, support, and information request tickets.
- Gather, compile, and synthesize information in regard to technology, threats, vulnerabilities, threat models, processes, hardware, software, and people.
- Be capable of automating tasks using programming languages with well-documented, readable, and maintainable code.
- Write policy, procedure, standards, guideline, and other technical documentation about the proper implementation of sound security program elements.
- Review logs and other security event data for signs of cyber threats, vulnerabilities, or attacks and escalate to senior engineers.
- Test complicated and detailed aspects of a security posture or configuration, identify deficiencies, and recommend remediation actions.
- Be capable of continually improving one’s own skill set relevant to business and technical missions with minimal oversight. Must take initiative, negotiate with project management, and execute successfully on plans.
- Able to participate in agile team practices; reflect honestly on own performance, participate in shared team accountability, recommend changes for team improvement.
- Must be able to handle sensitive information with appropriate discretion according to company policies.
- Write manual and automated tests as part of a normal security practice.
- Other duties as assigned.
Position Schedule - Monday - Friday, 8am to 5pm Eastern
Requirements
Required Qualifications
- Candidate must be physically located within the Philippines and legally authorized to work . Position is contract remote work to US-based clients and companies.
- Experience with Windows, Linux, macOS.
- Experience with Command-line programs, Shell and Shell scripting.
- Understanding of networking fundamentals, protocols & application behaviors as related to security matters.
- Experience with secure configuration, implementation of systems.
- A solid understanding of best practices and techniques in attacking or defending information systems.
- Self-motivated.
Preferred Qualifications
- Have experience with network and web application penetration testing and related tools (OSCP preferred), OR
- Have experience with detection and SIEM tools and techniques (Sigma, Elastic Security, Microsoft Defender, etc).
- Have familiarity with software development processes and experience securing custom software.
- Cloud experience (any of AWS, Azure, Google Cloud).
Education
Bachelor’s Degree in Computer Science, Information Systems or related field; or certification in relevant programs (CISSP, CSSLP, OSCP, GPEN, GIAC, Security+, or others); or equivalent work experience.
No benefits. This position is 1099 Contractor only. Subcontracting is strictly forbidden.
#J-18808-Ljbffr