Jobs · Information Technology · Virginia

Information Security Engineer

Babel Street · Reston, VA · 3 days ago
Information Technology$100k–$110k/yrFull-time

Responsibilities

  • Monitor, investigate, and respond to security alerts and incidents.
  • Administer Microsoft XDR, CrowdStrike Falcon, and Microsoft Entra ID.
  • Investigate phishing, identity attacks, endpoint detections, account compromise activity, and other security events.
  • Create, maintain, and improve security run books, Standard Operating Procedures (SOPs), and incident response playbooks.
  • Document investigations, findings, technical procedures, and operational processes.
  • Assist with vulnerability management and remediation efforts.
  • Cook up scripts, automations, and operational workflows to improve efficiency and reduce manual effort.
  • Coordinate with Infrastructure, Cloud, IT, and Engineering teams to resolve security findings.
  • Research emerging threats, attack techniques, and security technologies.
  • Utilize AI tools to improve research, scripting, documentation, troubleshooting, and engineering productivity.
  • Recommend and implement improvements to security processes, detections, workflows, and automations.
  • Participate in security projects and perform additional duties as assigned.

Requirements

  • Bachelor's degree in Cybersecurity, Cyber Operations, Systems Security Engineering, Computer Science, Information Assurance, or a related technical discipline.
  • Three (3) or more years of experience in Information Security, Security Operations, or Security Engineering.
  • Experience with Microsoft XDR.
  • Experience with CrowdStrike Falcon.
  • Experience with Microsoft Entra ID, including Risky Users and Identity Protection.
  • Working knowledge of AWS, Microsoft Azure, and Google Cloud Platform (GCP).
  • Experience investigating security incidents.
  • Experience writing PowerShell, Python, or similar scripting languages.
  • Experience developing automations and operational workflows.
  • Experience creating, maintaining, and improving security run books, Standard Operating Procedures (SOPs), and incident response playbooks.

Technical Competencies

  • Experience with, or the ability to quickly become proficient in, the following:
  • Security incident response and investigation.
  • Endpoint Detection and Response (EDR/XDR) platforms.
  • Security Information and Event Management (SIEM) platforms.
  • Log analysis, event correlation, and threat hunting.
  • Detection engineering and alert tuning.
  • Identity and authentication investigations.
  • Microsoft 365 and Microsoft Entra ID security investigations.
  • Email security and phishing investigations.
  • Vulnerability management and remediation workflows.
  • PowerShell, Python, or similar scripting languages.
  • Kusto Query Language (KQL) and/or Splunk Processing Language (SPL).
  • Microsoft Graph API, REST APIs, and security automation.
  • Cloud security investigations across AWS, Azure, and GCP.
  • Developing and maintaining security run books, Standard Operating Procedures (SOPs), and incident response playbooks.
  • Working knowledge of the NIST Cybersecurity Framework (CSF).
  • Familiarity with the MITRE ATT&CK Framework and common adversary tactics, techniques, and procedures (TTPs).
  • Strong understanding of enterprise technology, including Windows, Linux, networking fundamentals, identity systems, cloud infrastructure, and common enterprise architectures.

Similar jobs

Information Security Engineer

Jefferson County, ColoradoGolden, CO· 6 days ago
Information Technology$118k–$122k/yrapply on jefferson.wd5.myworkdayjobs.com

Information Security Engineer

Allspring Global InvestmentsMilwaukee, WI· 3 wk ago
Information Technology$70k–$95k/yrapply on careers-allspringglobal.icims.com