Security Engineer

Job description

Who we are:

Network Coverage is a best-in-class technology solutions provider specializing in IT managed services, cybersecurity, compliance, cloud enablement, digital transformation, and software development for mid-market and enterprise organizations. Our comprehensive technology solutions and operational excellence allow clients to focus on their business with the value of an end-to-end technology partner.

Network Coverage believes in providing purpose to our people and that character, integrity, and commitment win out. Technology is our mission, and empowering and developing our team is our passion.

Integrity, Humility, Ownership, Urgency, Service.

What the role is:

Security Engineer

Reports To: Information Security Manager

What you will do:

As a Security Engineer at Network Coverage, you will be part of the Security Engineering team triaging events and incidents as they are reported. As an Security Engineer, you will be responsible for Auditing, Vulnerability Scanning, Implementation of industry standard best practices working closely with our projects team, among other duties under the guidance of the security manager within the organization.
Due to the nature of the work, you may be required to fulfil on-call, incident response duties as part of a night and weekend rotation. Additional work hours may also be required during incident remediation events. 

Knowledge, Skills, and Abilities (KSAs) Required:

• Strong problem-solving and analytical skills.
• Excellent customer service skills, including understanding how to de-escalate, how to soothe and how to deliver the most efficient solution.
• Strong communication skills, both verbal and written.
• Strong familiarity with Windows desktop and server operating systems.
• Strong familiarity with Microsoft 365 and Azure Active Directory.
• Strong understanding of networking concepts, familiarity with routers, firewalls, access points, IDS/IPS and VPN.
• Familiarity with Email threat protection tools and concepts.
• Familiarity with RMM and asset management tools are a big plus.
• Understanding of tools and processes used in security monitoring and incident response.
• Experience with Endpoint Detection & Response (EDR) tools.
• Experience with Managed Detection & Response (MDR) cloud-based tools.
• Ability to understand vulnerabilities at a technical level and capable of recommending and effectively communicating mitigation strategy.
• Familiarity with regulatory frameworks such as NIST/CMMC, ISO 27001, HIPAA/Hitech are a big plus.
• Strong organizational, operational, and inter-personal skills
• Ability to communicate and write in English professionally.
• Reliable personal transportation for use in traveling to clients' offices is essential if ever needed (Although rare)

Engineering:

• Drive NetCov’s client technology standardization initiatives.
• Assist with key technology initiatives both internal & external to the organization.
• Demonstrate a high level of engineering on key client projects and initiatives.
• Assist in research of new technology for both internal and external applications.
• Display strong problem-solving skills, and a firm understanding of how to correctly troubleshoot problems with as minimal client impact as possible.
• Perform in depth systems analysis on a multitude of technology devices, operating systems, and software.
• Ability to resolve advanced security engineering related issues.
• Display strong knowledge of cloud platforms including but not limited to AWS, Azure, GCP, M365, and Egnyte.
• Participate in investigations towards identifying root cause for security events, evaluating anomalous activity, and tuning for frequent false positives.
• Participate in the design and execution of vulnerability assessments and security audits.
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Develop and maintain both internal and client-facing documentation and procedures for reviewing and enforcing end-to-end client security and compliance.
• Anticipate new security threats and stay-up to date with evolving infrastructures.
• Provide timely, detailed, and complete reports on security events and incidents to leadership.
• Provide some after-business hours support in response to security alerts and investigations.
• Perform other duties and tasks as assigned.

Work Environment:

Work is primarily performed in standard office environments. Client environments may vary. May be exposed to moderate noise levels from machinery. Work involves the operation of personal computer equipment for 8 hours or more daily.

Medium work: Exerting up to 50 pounds of force occasionally, and/or up to 30 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects.

Duties may also involve stooping, kneeling, crawling, reaching, and moving equipment to install or check the installations of network devices and cabling. Travel to various worksites may be required.

Physical Requirements:

• Sitting
• Standing
• Moving of self
• Moving of equipment
• Communicating
• Visual acuity for driving and computer work
• Kneeling
• Crawling
• Reaching
• Stooping
• Lifting
• Pulling

Minimum Experience and Education Required:

• 2-4 years of experience working in an Information Security capacity.
• 4 year degree or equivalent real world experience
• CompTIA Security+ or similar.
• ISC2 SSCP (Substitute for Security+)
• High School Diploma or Accredited GED.

Supervisory/Managerial Experience and Responsibility:

• No supervisory or managerial experience required.
• No supervisory or managerial duties in this role.