A.C. Coy

Compensation

Full Description

Overview Location: Hybrid north of Pittsburgh, PA Job Type: Full Time / Contract to Hire Work Authorization: No Sponsorship The A.C.Coy company has an immediate opening for a Cyber Security Engineer. Ideal candidates must have an Associate degree or higher, 5+ years of general IT infrastructure experience, 3-5 years of SIEM support experience (configuration, optimization, detection engineering, upgrades, end-to-end problem identification and remediation) with 1 or more of those years supporting Azure Sentinel SIEM specifically. Responsibilities Support and maintain Azure Sentinel solution plus general security tooling SIEM configuration, optimization, and detection engineering while supporting other areas as needed Incident response, threat detection, vulnerability scanning, and risk management Provide level 3 level operational support Automate and integrate security technologies using API and scripting technologies to link security technologies together and ensure sharing of information across technologies Utilize KQL to the level necessary to onboard new log sources and to support and troubleshoot log related problems in the SIEM solution Perform log source configuration, parsing and building data collection rules (DCRs) in the SIEM Perform complex solutions design and analysis and/or provide technical leadership and project management in design, development, training, performance, and delivery of complex applications and services that require integration of project team efforts across multi-functional areas Support client’s Enterprise SIEM in a hybrid on-premises and cloud network configuration, including installations, upgrades, and end-to-end problem identification and remediation Mentor IT engineers in performing engineering work and perform IT engineering design and analysis Qualifications Education: Associate degree + 5 years of relevant IT experience - Required Bachelor's degree - Preferred Experience Required: Azure Sentinel (configuration, optimization, detection engineering) - 1+ years Hybrid On-premise and cloud network SIEM configuration support - 3-5 years KQL (to onboard new log sources, support/troubleshoot log related problems in the SIEM) - 1+ years Microsoft Infrastructure environment support experience (M365, Azure) - 5+ years PowerShell scripting Knowledge of antivirus/anti-malware and EDR tooling and threat detection techniques (Microsoft Defender for Endpoint/Cloud Apps, Identity, Purview) Leadership experience - Preferred