Cyber Security Engineer

  • Job

    Cyber Security Engineer

    Description

    Position Title

    Cyber Security Engineer

    Position Summary

    The Cyber Security Engineer reports into the Cyber Security Manager and is based in Burbank, CA. This position is responsible for identifying, evaluating, and reporting on cyber security risks, developing a set of security standards and best practices for the organization, monitoring networks and systems for security breaches and intrusions, leading technical and forensic investigations, managing the Deluxe vulnerability and penetration testing programs, and providing and implementing recommendations for security enhancements to management teams as needed.

    Main Duties

    • Perform application and web-based security vulnerability assessments and penetration tests in accordance with industry accepted methods, protocols, and tools
    • Planning, implementation, management, monitoring, and upgrading security measures for the protection of the organization’s data, systems, and networks
    • Prepare operational test environments for network penetration and attack scenarios
    • Develop detailed work plans, schedules, resource plans for recurring vulnerability and penetration assessments
    • Prepare post-test analysis and reporting of penetration and vulnerability testing activities
    • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, research, and document global threats to IT teams, and communicate residual risk
    • Perform static and dynamic analysis, reverse engineering, and debugging of malware samples using industry recognized tools including defeating anti debugging, packing, and obfuscation techniques
    • Identify and respond to cyber-security incidents in accordance with the Incident Response process
    • Monitor and operate enterprise-wide security platforms, investigate events using enterprise Security Information Event Manager (SIEM) and various network forensic tools, and work with the business on remediation efforts
    • Analyze security logs and investigate network and server security violations and intrusions
    • Forensically secure, preserve, capture, and analyze data from volatile memory and physical disks from laptops, desktop computers, servers, and mobile devices
    • Perform in-depth forensic analysis of captured data, network traffic, volatile memory, and host images to identify indicators of compromise and develop actionable threat intelligence
    • Monitor and analyze enterprise network and host-based sensor data originating from IDS/IPS, AD Domain Controllers, Endpoint Security Solution, SIEM, and Firewalls
    • Perform additional Cyber Security related duties as assigned

    Minimum Requirements

    • 2 – 4 years of working experience in Cyber Security related role
    • Network Security subject matter expert with experience and knowledge of application, web and network penetration testing and associated methodologies Including vulnerability assessment, attack vectors, and industry recognized open source and commercially available tools
    • Familiarity with Common Weakness Enumeration (CWE), Common Vulnerabilities and Exposures (CVE), Common Platform Enumeration (CPE), and Common Vulnerability Scoring System (CVSS)
    • Strong awareness of cybersecurity trends, emerging security technologies, and evolving threats
    • Advanced knowledge and experience of Windows Operating System Internals
    • Expert knowledge of Cloud infrastructure, security architectures, and standards
    • Expert technical knowledge of AWS foundation services related to compute, network, storage, content delivery, administration, security, deployment, and management
    • In-depth knowledge of managing and deploying EPP/EDR solutions
    • In-depth knowledge of networking and communication protocols and devices (routers, switches, firewalls)
    • In-depth knowledge of Splunk, SPL, and Enterprise Security
    • Working knowledge of x86 Assembly, Python, Powershell, Bash
    • Working knowledge of EnCase Forensic software and EnScripts
    • Working knowledge of development IDE’s, Visual Studio, Codeblocks, Eclipse, PyCharm
    • Working knowledge of debugging platforms, IDA Pro, Binary Ninja, x64dbg, OllyDbg, gdb
    • Working knowledge of vulnerability scanning tools, Burp Suite, Nexpose, Nessus
    • Working knowledge of virtualization technologies, such as VMWare and VirtualBox

    Preferred Requirements

    • A degree in computer science, IT, systems engineering, or related field
    • CCSP, OSCP, CEPT, GIAC, GWAPT, GPEN, CREA, EnCE certifications
    • In-depth knowledge of Linux, Unix operating systems Kali Linux experience
    • C#, C++, C familiarity
    • Movie industry or related field experience

    Core Competencies

    • Basic working knowledge of the NIST Cyber Security Framework
    • Basic working knowledge of the TPN and MPA best practice frameworks
    • Excellent understanding of enterprise IT systems, software development languages, ITIL, ITSM
    • Solid communication skills – verbal and written
    • Excellent problem-solving skills
    • Ability to work under pressure in a fast-paced environment and works with little direction and supervision, timely completion of projects, makes time for unplanned assignments, adapts to changing priorities
    • Perceived fairness; tolerance; honesty; confidentiality; consistent in enforcement and application of policies and procedures

    We offer competitive pay and a comprehensive benefits program including medical, dental & vision coverage, vacation & sick leave, 401(k), and more.

    About the Company

    Deluxe, a subsidiary of Platinum Equity, is a global leader in media and entertainment services for film, video and online content. Since 1915, Deluxe has been the trusted partner for the world’s most successful Hollywood studios, independent film companies, TV networks, exhibitors, advertisers and others, offering best-in-class solutions in post-production, distribution, asset and workflow management, and cloud-based technologies.

    With headquarters in Los Angeles and offices around the globe, the company employs over 3,500 of the most talented individuals, developers, and industry veterans worldwide. For more information, please visit www.bydeluxe.com.

    Diversity Statement

    Deluxe is committed to inclusivity, fostering an environment where every employee feels comfortable bringing their full selves to work. It is our policy to provide equal employment opportunities to all applicants and employees. Applicants will receive consideration for employment without regard to, and will not be discriminated against, on the basis of race, color, religion, creed, national origin or ancestry, sex, age, physical or mental disability, veteran status, sexual orientation, gender identity or expression, genetic information or any other legally recognized protected basis under federal, state or local laws, regulations or ordinances. Deluxe will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable local, state and federal law.

    Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Deluxe. Please inform the company’s HR representative if you need assistance completing any forms or to otherwise participate in the application process.

More Information

Apply for this job

Leave your thoughts

Share this job