CYBER SECURITY ENGINEER - HYBRID

Location: Hybrid north of Pittsburgh, PA 

Job Type: Full Time / Contract to Hire

Work Authorization: No Sponsorship

The A.C.Coy company has an immediate opening for a Cyber Security Engineer.  Ideal candidates must have an Associate degree or higher, 5+ years of general IT infrastructure experience,  3-5 years of SIEM support experience (configuration, optimization, detection engineering, upgrades, end-to-end problem identification and remediation) with 1 or more of those years supporting Azure Sentinel SIEM specifically.

• Support and maintain Azure Sentinel solution plus general security tooling
• SIEM configuration, optimization, and detection engineering while supporting other areas as needed
• Incident response, threat detection, vulnerability scanning, and risk management 
• Provide level 3 level operational support
• Automate and integrate security technologies using API and scripting technologies to link security technologies together and ensure sharing of information across technologies
• Utilize KQL to the level necessary to onboard new log sources and to support and troubleshoot log related problems in the SIEM solution
• Perform log source configuration, parsing and building data collection rules (DCRs) in the SIEM
• Perform complex solutions design and analysis and/or provide technical leadership and project management in design, development, training, performance, and delivery of complex applications and services that require integration of project team efforts across multi-functional areas
• Support client’s Enterprise SIEM in a hybrid on-premises and cloud network configuration, including installations, upgrades, and end-to-end problem identification and remediation
• Mentor IT engineers in performing engineering work and perform IT engineering design and analysis

Education:

• Associate degree + 5 years of relevant IT experience - Required
• Bachelor's degree - Preferred

Experience Required:

• Azure Sentinel (configuration, optimization, detection engineering) - 1+ years 
• Hybrid On-premise and cloud network SIEM configuration support - 3-5 years
• KQL (to onboard new log sources, support/troubleshoot log related problems in the SIEM) - 1+ years
• Microsoft Infrastructure environment support experience (M365, Azure) - 5+ years
• PowerShell scripting
• Knowledge of antivirus/anti-malware and EDR tooling and threat detection techniques (Microsoft Defender for Endpoint/Cloud Apps, Identity, Purview)
• Leadership experience - Preferred