
Sr Security Engineer

Centurion Consulting Group

Sr Security Engineer Remote

We are hiring a Sr Security Engineer for a remote opportunity.

Job Description:

Key Duties

  • Investigate escalations/tickets/detections in the following systems and follow up with users, system owners, etc. to resolution:

    • Deepwatch
    • Falcon Complete
    • Azure Sentinel/Defender for Cloud
    • SysAid
  • Review results of Tenable vulnerability scans on a monthly basis and coordinate remediation with users, system owners, etc.
  • Respond to global security incidents, participate in IR plan exercises, and help maintain IR plan
  • Respond to internal associate Security/Compliance reports (stolen devices, data exposure incidents, etc.)
  • Create and review “unmanaged assets” report of systems identified in the environment not running Falcon, remediate them and investigate where automated deployment mechanisms may be failing
  • Coordinate quarterly maintenance window to update non-auto-update (VDI) Falcon agents and work with international IT to complete update
  • Review Azure security configuration issues in MS Defender for Cloud and coordinate with users, system owners, etc. to resolution
  • Review 365 and Intune policy configuration and recommend changes as needs and threats change
  • Security point of contact for annual SOC2 assessment and ongoing HITRUST assessment project
  • Security policy review and update
  • Update incident response policy and training/awareness program
  • Consult with business for due diligence on business applications
  • Assign role-based privileged access via Azure PIM as needed
  • Maintain on-premises Tenable Nessus scanners (two in US, one in each global region) and Web Application Scanner (one in US)
  • Maintain/update on-premises servers OS, Splunk, and Splunk apps

 

Other Duties

  • Coordinate annual and periodic penetration testing with 3rd party vendors and conduct remediation activities
  • Coordinate migration strategies with global IT for end-of-life software and operating systems
  • Review log sources with MSSP SOC and global Lockton regions to update/replace alert use cases based on needs and log changes
  • Configure logging for new log sources by building custom config/scripts, install vendor Splunk apps, syslog, or API inputs
  • Update Splunk Forwarder agents on servers and coordinate with international IT to update their assets
  • Update Splunk Cloud apps, dashboards, reports, saved searches, and alerts
  • Review and maintain list of public and private IP ranges globally via Tenable
  • Build and maintain discovery and vulnerability scans and tagging rules for all global regions in Tenable
  • Assist DevOps team with building Tenable Web Application Scans for newly built cloud-native applications
  • Investigate and remediate Falcon agents in Reduced Functionality Mode (RFM) or with other issues
  • Review Falcon automated deployment methods and update deployed agent version
  • Review and enable Microsoft-provided alert use cases as they become available for Microsoft Azure Sentinel
  • Configure logging for new log sources as they become available or necessary in Microsoft Azure Sentinel
  • Review and approve patches on a monthly basis
  • Configure patch windows for newly added servers on a monthly basis
  • Meet with the following teams to provide reference architecture and best practices recommendations:

    • DevOps
    • Infrastructure
    • Firewalls 
    • Lockton Re
    • LBDP
  • Create Azure Policy and/or Blueprints which can enforce best practices or standards frameworks (ISO, HITRUST, etc.) within Azure before infrastructure is built, and remediate infrastructure already built
  • Review incoming 3rd party Azure AD application integration requests and work with IT, the business and Legal/Compliance to respond to requests
  • Assist team in responding to security questionnaires from clients and prospects, and attend meetings with them to answer their questions or review our internal assessments/sensitive documents confidentially

Position Details:

Clearance: N/A

US Citizenship required

Travel: < 10% (CONUS)

Centurion Consulting Group, LLC is an Equal Opportunity Employer EOE M/F/D/V

No third parties or subcontractors
