** Due to client requirements, applicants must be able to work on a W2 basis
Job Overview
A leading research-driven organization is seeking a Cybersecurity Engineer to serve as a subject matter expert and escalation point for security operations. This role requires a highly analytical and self-driven professional capable of investigating, diagnosing, and resolving complex security incidents across a large-scale, dynamic environment. Candidates with strong hands-on experience in incident response, threat analysis, and security operations will be prioritized.
Must Haves
- 5+ years of experience in cybersecurity, information security, or related fields
- Strong experience with incident detection, response, and investigation using SIEM tools
- Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S, SSH, RDP, etc.)
- Experience with system administration across Windows, Linux, and macOS environments
- Familiarity with security threats, vulnerabilities, exploits, and mitigation strategies
- Experience analyzing phishing attempts, email headers, and compromised systems
- Hands-on experience with scripting languages (e.g., Python, Bash) for automation
- Ability to analyze structured and unstructured data (JSON, CSV) and correlate large datasets
- Strong analytical and problem-solving skills with the ability to work independently
What the Client Needs You to Do
You will lead efforts to detect, investigate, and respond to cybersecurity threats while continuously improving security operations. This includes serving as an escalation point for complex incidents, performing threat hunting, and recommending security controls to mitigate risks. You will collaborate across teams to enhance security posture, support strategic initiatives, and promote best practices throughout the organization.
Key Responsibilities
- Monitor and analyze security events using SIEM tools to detect potential threats and incidents
- Investigate alerts to determine validity, impact, and required response actions
- Serve as an escalation point for security incidents, including phishing, compromised accounts, and system breaches
- Perform proactive threat hunting to identify vulnerabilities and emerging risks
- Develop and enhance security monitoring capabilities, including alerts, dashboards, and automation
- Implement and manage security tools such as vulnerability scanners, EDR, and intrusion detection systems
- Collaborate with cross-functional teams to address security risks throughout project lifecycles
- Provide clear communication and reporting on incidents, risks, and remediation efforts
- Support security governance, policies, and compliance initiatives
- Research and evaluate new security tools, technologies, and best practices
- Contribute to security awareness and training initiatives across the organization
- Mentor junior team members and share technical expertise
Additional Information
- This is a fully remote role within a large, complex, and highly distributed technical environment
- The position supports a diverse infrastructure including cloud platforms and enterprise systems
- Experience with tools such as Splunk, Elasticsearch, QRadar, or similar SIEM platforms is preferred
- Familiarity with security tools such as EDR, IDS/IPS, and vulnerability scanning solutions is beneficial
- Experience with ticketing systems (e.g., ServiceNow) is a plus
- Relevant certifications such as CISSP or equivalent are highly desirable
- Candidates should be comfortable working in fast-paced environments with evolving priorities and limited standardization
W2 employees of Overture Partners who work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), 401(k) starting on day one, a variety of voluntary benefits including life and disability insurance, and sick time if required by law in the worked-in state/locality.
#25376
