More jobs:
Cyber Security Engineer
Job in
Roseville, Placer County, California, 95678, USA
Listed on 2026-07-07
Listing for:
Astound
Full Time
position Listed on 2026-07-07
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
Responsibilities
- Lead and oversee 24/7 security operations, including monitoring, detection, triage, and incident response across enterprise environments (endpoint, network, identity, and cloud).
- Own the end-to-end incident response lifecycle - including identification, containment, eradication, recovery, and post-incident analysis, ensuring rapid, consistent, and high-quality execution.
- Drive root cause analysis, blast radius determination, and implementation of corrective and preventive actions.
- Establish, maintain, and continuously improve incident response playbooks, escalation procedures, and operational runbooks to enhance response effectiveness and reduce dwell time.
- Act as the primary escalation point for high-severity or complex security incidents, providing technical leadership, decision-making authority, and real-time guidance during active events.
- Lead advanced threat hunting operations using hypothesis-driven methodologies, leveraging EDR/XDR telemetry, SIEM data, network traffic, identity signals, and threat intelligence aligned to MITRE ATT&CK.
- Design, develop, and optimize detection engineering capabilities, including SIEM correlation rules, behavioral analytics, and custom detections to improve coverage and reduce false positives.
- Drive integration and tuning of security technologies (e.g., Crowd Strike, SIEM, SOAR, vulnerability scanners), ensuring alignment to enterprise risk priorities and operational efficiency.
- Define and track key SOC performance metrics (e.g., MTTD, MTTR, alert fidelity, containment time) to measure operational effectiveness and drive continuous improvement.
- Lead cross-functional coordination during incidents, partnering with IT, infrastructure, cloud, legal, HR, and executive leadership to ensure effective response and communication.
- Translate technical incidents into business impact, delivering clear, concise updates to leadership and facilitating decision-making at the executive level.
- Oversee vulnerability management efforts by correlating scan results with asset criticality, exploitability, and threat intelligence to drive risk-based prioritization.
- Lead post-incident reviews, tabletop exercises, and continuous improvement initiatives to strengthen organizational resilience and reduce repeat incidents.
- Mentor and develop SOC analysts and incident responders, establishing investigation standards, quality controls, and career development pathways.
- Ensure proper evidence handling, forensic integrity, and audit-ready documentation aligned with regulatory frameworks (e.g., NIST, CMMC, PCI).
- Identify emerging threats, adversary trends, and attack patterns, and operationalize insights into improved detections, controls, and defensive strategies.
- Analyze alerts to determine legitimacy and potential impact.
- Identify indicators of compromise (IOCs) and attacker tactics, techniques, and procedures (TTPs).
- Escalate confirmed threats in accordance with established playbooks and procedures.
- Perform initial triage and investigation of security incidents.
- Other duties as assigned.
- 7+ years of Cyber Security experience.
- Demonstrated knowledge of actively debugging attacks.
- Expertise with Identity & Access, End Point Detection and Multi-Factor Authentication.
- Experience with NGFW, IDS/IPS, WAF, Proxy, PKI and Advanced Threat Protection, cloud, automation, and scripting.
- Ability to juggle multiple priorities where you are the driving force, ensuring completion and on-time delivery.
- Excellent written and verbal communication skills in a clear business relevant manner that is adjusted to the audience; up, down and across the organization.
- Proven independent decision making in high stress environment.
- Ability to collaborate, mentor and training members of the team.
- Demonstrated passion for security and self-driven to one day become an expert.
- Proven ability to rapidly learn and retain new technologies.
- Excellent interpersonal, customer support, verbal and technical writing skills; be a self-starter with the ability to achieve deadline-driven priorities.
- Demonstrated ability to collaborate and work in a team environment, exhibit professional initiative, self-direction, willingness,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×