
Senior Cybersecurity Engineer

Company: ALTEN Technology USA
Location: Greensboro, NC
Posted: June 26, 2025

Description:

Job Description

We're ALTEN Technology USA, an engineering company that provides solutions for engineering, technology, and product development projects. For decades, we've been helping our clients develop products that are changing the world, whether that's by shaping the future of space exploration, saving lives with medical devices that set a new standard of care, or creating the fully autonomous electric taxi of tomorrow. Our team of more than 600 people works across industries including aerospace, medical devices and life sciences, unmanned systems and robotics, automotive OEM and tier 1 suppliers, commercial vehicle, electric vehicles, rail, and more. Our offices across the US have different industry focuses and engage with our clients in different ways, ranging from working on-site at client facilities to performing product development at our delivery centers.

ALTEN Group, our parent company, has been a leader in engineering and information technology for more than 30 years. ALTEN Group operates in 30 countries across Europe, North America, Asia, Africa and the Middle East and employs more than 36,000 people, 88% of whom are engineers. The company covers the whole development cycle and offers a choice of service levels, from technology consulting to complete project outsourcing.

When you join ALTEN Technology USA, you join a group of people passionate about collaborating to solve some of the world's most technical engineering challenges. Our success is tied to taking care of our employees by building relationships and providing opportunities for mentorship and career growth. We offer comprehensive benefits for all full-time employees, including medical, dental, and vision insurance; a 401(k) plan with employer matching; paid time off (PTO); paid parental leave; and mentorship to help you take your career to the next level. You don't have to take our word for it that we are a great place to work—we were named on the 2023 Top Workplaces list thanks to feedback from our proud employees.

As a Senior Cyber Defense Incident Responder within the Global Cybersecurity Operations Center (CSOC) you will play a crucial role as a key technical expert responsible for managing and responding to advanced cyber threats, conducting in-depth investigations, and supporting the overall security posture. This role combines hands-on technical expertise with mentoring responsibilities, ensuring effective threat detection, incident response, and continuous improvement of SOC capabilities.

Responsibilities:

Analyze and respond to complex security incidents and alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS)

Investigate and resolve escalated incidents from Level 1 and Level 2 analysts, ensuring swift containment and remediation

Lead investigations into cybersecurity incidents, including malware infections, data breaches, and insider threats

Perform digital forensics to collect, analyze, and preserve evidence for legal or compliance requirements

Provide incident reports with detailed root cause analyses and actionable recommendations

Use threat intelligence to identify patterns and indicators of compromise (IOCs) relevant to the organization

Work closely with junior analysts to provide guidance, training, and mentorship, fostering a culture of growth and knowledge-sharing

Collaborate with IT, cybersecurity, and business stakeholder teams to implement and improve security controls

Support the continuous improvement of SOC processes, tools, and technologies to enhance efficiency and effectiveness.

Identify gaps in detection and response capabilities and recommend improvements to SOC leadership.

Qualifications:

Bachelor's degree in Computer Science or a related 4-year technical degree

Minimum 7 years of experience in supporting cyber defense operations in highly complex enterprise networks. Experience in SOC, SIRT, or CSIRT capacities

One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP

Experience in enterprise cybersecurity environment investigating targeted intrusions through complex network segments

Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs)

Subject Matter Expert in cybersecurity principles, threat lifecycle management, incident management

Comprehensive knowledge of various operating systems (Windows, OS X, Linux), network protocols, and application layer protocols

Demonstrable experience in scripting languages (may include PowerShell, Python, Perl, etc.)

Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and SANS Critical Security controls

Working knowledge in modern cryptographic algorithms and systems

Experience working with and tuning signatures, rules, and security technologies (IDS/IPS, SIEM, sandboxing tools, EDR, email security platforms, user behavior analytics)

Network design knowledge including security architecture

Strong analytical and technical skills in network defense operations including experience with incident handling (detection, analysis, triage)

Conceptual understanding of cyber threat hunting

Prior experience and ability analyzing cybersecurity events to determine true positives and false positives, including cybersecurity alert triage, incident investigation, implementing countermeasures, and managing incident response

Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting

Ability to develop rules, filters, views, signatures, countermeasures, and other cyber defense platforms as well as the ability to support analysis and detection continual improvement

Knowledge of new and emerging cybersecurity technologies

Ability to create technical documents as well as stakeholder sitreps and briefing documents

Preferred Qualifications:

Deep Cybersecurity Operations Center experience in the following: intelligence driven detection, security principles, threat lifecycle management, incident management, digital forensics and investigations, network monitoring, endpoint monitoring, OT security principles

CSOC Process Management experience, to include: process and procedure management, CSOC initiative management, continual operational improvement

Preferred certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP

Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to both business leaders/key stakeholders as well as technical teams and SMEs

Demonstrated knowledge in cyber defense policies, procedures, and regulations

Knowledge of cyber vulnerability management processes

Knowledge of common user and system authentication and authorization mechanisms

Salary Range: $100,000 - $130,000

The actual salary offered is dependent on various factors including, but not limited to, location, the candidate's combination of job-related knowledge, qualifications, skills, education, training, and experience.

ALTEN Technology is an Equal Opportunity Employer. Our Policy is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status.

Please beware of job seeker scams and see this important notice on our careers page for more information about our recruiting process.

Full-time
