Security Engineer II
Burris Logistics · Milford, DE · 2 mo ago
HybridInformation TechnologyFull-time
Key Responsibilities
- Handle escalated security incidents from Level 1 analysts
- Investigate and resolve complex security alerts, including malware detection, phishing attacks, and unauthorized access attempts
- Conduct detailed root cause analysis and document findings
- Continuously monitor and analyze security events using tools such as SIEM (e.g., Splunk, QRadar, or Sentinel)
- Identify patterns, anomalies, and emerging threats to enhance detection capabilities
- Perform advanced vulnerability assessments and penetration tests
- Auxiliary with remediation planning and provide technical guidance to mitigate identified risks
- Maintain security configurations for firewalls, IDS/IPS, VPNs, and other network devices
- Support the implementation of advanced security controls and technologies
- Lead and participate in User Acceptance Testing (UAT) by designing test cases, validating functionality against requirements, and gathering feedback to ensure the successful delivery of new features and system changes
- Ensure compliance with industry standards and organizational policies, such as GDPR, HIPAA, or ISO 27001
- Assist with audits by providing relevant security data and evidence
- Develop and improve incident response playbooks and workflows
- Automate repetitive tasks using scripts or security orchestration tools
- Work closely with Level 1 analysts to provide guidance and training
- Collaborate with IT, DevOps, and other teams to address cross-functional security concerns
- Perform forensic analysis on compromised systems and devices to determine attack vectors and impact
Experience & Qualifications
- Education: BA/BS (4-year degree) or equivalent experience
- Experience: 3-5 years of experience in a cybersecurity role, with at least 1-2 years in an advanced or Level 2 position
- Certifications: CompTIA CySA+, GIAC certifications (e.g., GSEC, GCIA, or GCIH), Certified Information Systems Security Professional (CISSP), Microsoft Certified: Security Operations Analyst
- Technical Skills: Strong knowledge of firewalls, IDS/IPS, endpoint detection and response (EDR) tools, and vulnerability management systems; proficiency with SIEM platforms, such as Splunk, QRadar, or Azure Sentinel; understanding of networking protocols (e.g., TCP/IP, DNS, DHCP); familiarity with scripting languages like Python, PowerShell, or Bash
- Soft Skills: Strong collaboration and communication skills, with the ability to work effectively in a team environment; outstanding problem-solving abilities, a strong sense of urgency, and communication skills both written and verbal; desire to move up in the organization through skill improvement and collaboration improvements; ability to work seamlessly as part of a team and demonstrate strong team commitment