Fragomen, an AmLaw 100 Firm and the leading global immigration services provider, is seeking a Security Engineer to join our talented Cyber Security team. Our industry-leading, immigration-specific applications and technology are undergoing tremendous transformation, and security is on the critical path to success in that endeavor. We seek a professional who is passionate about security, capable of effecting change, and ready to take on new challenges. You will be joining a small team of Security Engineers who help make security a distinguishing factor in our immigration software and service offerings. A successful candidate will help engineer solutions to accelerate and enhance threat detection, threat disruption, and incident response.
How you will make a difference as a Security Engineer II - Threat Detection and Disruption at Fragomen:
- Refine, validate and exercise our Incident Response Plan
- Develop workflows for incident response and case management
- Recommend, architect, deploy and maintain incident response tools to reduce time to contain, eradicate and recover from a potential incident
- Improve readiness by leading threat hunting and red or purple team exercises to assess security control effectiveness and monitoring, alerting and response
- Accelerate incident response through automation
- Lead a cross-functional team of experts to resolve cyber security incidents from triage through post-mortem/root cause analysis
- Develop and maintain strong relationships with key partners to enable timely and effective incident response
- Conduct tabletop exercises and training to raise overall security awareness
Let's talk if you have the following qualifications and experience:
- A passionate team player who builds knowledge and solves complex problems
- 3 or more years of Cyber Incident Response experience
- Proficient in scripting or coding and development frameworks (PowerShell, Python, .NET)
- Advanced knowledge of exploitation techniques
- Advanced digital forensic experience on Windows, Linux and Apple platforms
- Experience with cloud native security tools
- Demonstrated knowledge of endpoint and network forensic tools
- Strong, professional communication skills that hold up under pressure
- Experience in automating investigative and response playbooks
- Knowledge of detection, forensic, security event and incident management, and orchestration tools
- One or more technical certifications that demonstrate technical prowess in DFIR, such as GIAC's GCIH, GCFA, or GCIA, a CCE, or Offensive Security's OSCP, OSCE, or OSEE, or a vendor-specific certification such as EnCase or FTK
- BA degree in a related field or a combination of related experience