Cyberthreat Engineer - Oregon, United States - Ferguson Enterprises

    Ferguson Enterprises Oregon, United States

    2 weeks ago

    Description
    Cyberthreat Engineer - Incident Response (Remote)

    Locations: Remote
    Time type: Full time
    Posted on: Posted 2 Days Ago
    Job requisition id: R

    Job Posting:

    Ferguson is North America's leading value-added distributor across residential, non-residential, new construction and repair, maintenance, and improvement (RMI) end markets.

    Spanning 34,000 suppliers and more than one million customers, we deliver local expertise, value-added solutions, and the industry's most extensive portfolio of products.

    From infrastructure, plumbing, and appliances, to HVAC, fire protection, fabrication, and more, we make our customers' complex projects simple, successful, and sustainable.

    We have an exciting opportunity for a remote CyberThreat Engineer to join the CyberThreat Prevention team within Ferguson IT.

    The CyberThreat Specialist is a technical contributor whose mission is to prevent, detect, and respond to security incidents and to drive remediation across the enterprise.

    This specific position is responsible for the technical platforms and related standards that support the CyberThreat Prevention team's mission.

    This includes subject-matter leadership for the operation and stewardship of Security technology and processes that detect, prevent, and respond to threats to Ferguson's IT infrastructure and services.

    Technology platforms include operating and/or integrating with Security Incident Management, Threat Intelligence, Security Information and Event Management (SIEM), Email Security, Firewalls, DDoS prevention, Wireless Security, URL Filtering, Intrusion Prevention, and related systems.

    This position works directly with IT, headquarters, branch management, and with external business partners to achieve the necessary business goals.

    This position requires positive relationships with IT, Security, business, third-party SOC, and other collaborators, to ensure that Ferguson can execute its business plans.
    This role is approved to be fully remote and can be based anywhere in the United States.

    Duties and Responsibilities:

    Threat Prevention and Incident Response

    Provide stewardship of all process and technology aspects of CyberThreat Prevention services.
    Engage with 3rd party SOC to implement high quality, efficient processes and drive shift left processes and response automation.

    Ensure that all Service Offerings are available and operating reliably.
    Ensure the orderly and reliable collection of security events.
    Handle event correlation logic of SIEM platform.
    Tune alerting as the need arises.
    Employ available technology and threat intelligence to detect notable events and generate resulting Security Incidents as appropriate.
    Drive Incident response process, including actively responding, mitigating, and/or providing direction to related partners.
    Develop and distribute timely communications to appropriate team members, when incidents are detected and as mitigation progresses.
    Handle or drive security logging infrastructure integrations and event collection.
    Maintain and improve operational runbooks.
    Create and/or partner with Automation team members to automate response runbooks.
    Establish and maintain good working relationships with all IT, Security, third-party, service consumer, and business collaborators.
    Ensure that appropriate maintenance, monitoring, automation, and response procedures are in place, to meet Security and availability objectives.
    Conduct operations in a quality manner, in accordance with our ITIL and other documented processes.
    Capture, analyze, and report on service consumption and value delivered to customers, to ensure SLAs are met.
    Understand Security and company objectives and develop support strategies that map to CyberThreat Prevention Service Offerings.
    Actively monitor new and emerging technologies, trends, issues, and solutions and assess their applicability to Ferguson's Cyber Security capabilities. Contribute requirements to technology selection processes.
    Advocate for new/improved Security Service Offerings on behalf of Operations and its customers.
    Partner with Security Delivery to ensure that all new Security technology deployments include appropriate support and runbook documentation.
    Learn and attend training related to monitoring, ongoing support, routine engineering, and operation of new security technology.

    Partner with Security Governance team to monitor and implement compliance with the organization's security policies and standards among employees, contractors, and third parties responsible for Cyber Security.

    Additional Job Duties and Responsibilities

    Adhere to all policies, rules, regulations, and procedures.
    Perform other duties or functions as requested by management.
    Participate in on-call rotation as a technical and functional expert.

    Qualifications and Requirements

    Six (6) years of experience is helpful to perform at expectation.

    Applies in-depth sophisticated knowledge and skills of a specific/specialized technical area with understanding of external environment factors that may affect own specialist area.

    Provides experienced advice, coaching, and counseling within discipline/function area.
    Certifications not required, but SSCP (Systems Security Certified Practitioner) or CISSP (Certified Information Systems Security Professional) desirable.
    Experience in one or more industry-standard SIEM, vulnerability management, or related offerings.
    Azure Sentinel, KQL experience preferred.
    Experience in leading security incident response activities.
    Experience in security event collection and event correlation.
    Experience in log analysis (EDR, Firewall, Active Directory, WAF).
    Experience in digital forensics analysis, binary triage, and reverse engineering.
    Experience in common exploit analysis.
    Understanding and practical use of MITRE ATT&CK framework.
    Ability to coordinate and prioritize work.
    Ability to communicate optimally, verbally and in writing.
    Ability to develop and deliver effective presentations to groups.
    Ability to lead and motivate individuals within a team.
    Ability to efficiently operate computers, tablets and mobile devices.

    Knowledge of Microsoft Office software (Outlook, Word, Excel, PowerPoint, Access, etc.).
    Systems Security Certified Practitioner or Certified Information Systems Security Professional preferred.

    Working understanding of the SDLC and QA lifecycle and methodology preferred.
    Ability to work on multi-functional teams.

    Ability to work with all levels of the organization: executives to developers.
    Application of logic, reasoning, and problem solving.
    Strong ability to work with time/date deadlines.

    Ferguson is dedicated to providing meaningful benefits programs and products to our associates and their families, geared toward benefits, wellness, financial protection, and retirement savings.

    Ferguson offers a competitive benefits package that includes medical, dental, vision, retirement savings with company match, paid leave (vacation, sick, personal, holiday, and parental), employee assistance programs, associate discounts, community involvement opportunities, and much more.
    • Pay Range:
    • Actual pay rate may vary depending upon location.
    The estimated pay range for this position is below. The specific rate will depend on a candidate's qualifications and prior experience.
  • $5, $9, Estimated Ranges displayed are Monthly for Salaried roles OR Hourly for all other roles.
  • This role is Bonus or Incentive Plan eligible.
  • The Company is an equal opportunity employer as well as a government contractor that shall abide by the requirements of 41 CFR a), which prohibits discrimination against qualified protected Veterans and the requirements of 41 CFR A), which prohibits discrimination against qualified individuals on the basis of disability.
  • Ferguson Enterprises, LLC. is an equal employment employer F/M/Disability/Vet/Sexual Orientation/Gender Identity.

    Equal Employment Opportunity and Reasonable Accommodation Information

    Ferguson is a project success company providing expertise, solutions and products from infrastructure, plumbing and appliances to HVAC, fire, fabrication and more.

    As a leading value-added distributor of residential and commercial plumbing supplies and pipe, valves and fittings in the U.S., we exist to make our customers' complex projects simple, successful and sustainable.

    The professionals we serve help transform the world we live in, and we are their trusted partners with the scale to provide peace of mind.

    Founded in 1953, Ferguson is part of Ferguson plc, which is listed on the New York Stock Exchange (NYSE: FERG) and London Stock Exchange (LSE: FERG).

    With approximately 36,000 associates across 1,700 locations, Ferguson plc serves customers in all 50 states, Canada, Puerto Rico, Mexico and the Caribbean.
