Cyber Security Engineer
Description
- Design, deploy, and maintain security solutions such as Endpoint Detection and Response (EDR), data-loss prevention (DLP), web application firewalls (WAF), zero-trust, and other security detection/prevention technologies.
- Lead the investigation and response to security incidents and breaches, ensuring timely resolution and documentation, while monitoring security alerts and events using Security Information and Event Management (SIEM) systems
- Conduct regular vulnerability assessments and security audits to identify and remediate security gaps.
- Maintain application static/dynamic/dependency scans and conduct penetration testing for identifying risks and coordinate reporting and remediation with stakeholders
- Configure and maintain cloud and infrastructure security configurations to ensure a secure enterprise risk posture.
- Serve as a subject matter expert on cybersecurity issues and provide guidance to stakeholders and other business units.
- Maintain detailed documentation of security policies, procedures, incident response activities, and assessment results.
- Assist with risk assessments and compliance activities to identify potential security risks and develop strategies to mitigate them.
- Evaluate and recommend new security tools and technologies to enhance the organization's security posture.
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master’s degree preferred.
- Professional certifications such as CISSP, CEH, CISM, or equivalent.
- Minimum of 3-5 years of experience in cybersecurity engineering or a related role.
- Strong technical skills and experience with security technologies (e.g., SIEM, Endpoint Detect & Response, firewalls, IDS/IPS).
- Working knowledge of Vulnerability Managements, Cloud Security, Application Security, Incident Response., and Security Awareness & Training
- Working knowledge of security tools, languages and operating systems used in security practices (BURP Suite, Nessus, NMAP, Python, Kali Linux, etc.)
- In-depth knowledge of cybersecurity principles, protocols, and best practices.
- Experience with regulatory requirements and compliance standards (e.g., ISO 27001, NIST, PCI-DSS, HIPAA, GDPR).
- Excellent analytical, problem-solving, decision-making and communication skills.
- Ability to manage multiple tasks and projects in a fast-paced environment.
- Proven ability to work independently and as part of a team.
- Competitive compensation, benefits and generous time-off policies
- 4-Day summer work weeks and a winter holiday break
- 401(k) / DCPP matching
- Annual bonus program
- Casual, dog-friendly, and innovative office spaces
- For a comprehensive list of benefits, please visit our website: https://jobs.jobvite.com/carfax/p/benefits
- 10X Virginia Business Best Places to Work
- 10X Washingtonian Great Places to Work
- 9X Washington Post Top Workplace
- 3X St. Louis Post-Dispatch Best Places to Work
About CARFAX
CARFAX, part of S&P Global Mobility, helps millions of people every day confidently shop, buy, service and sell used cars with innovative solutions powered by CARFAX vehicle history information. The expert in vehicle history since 1984, CARFAX provides exclusive services like CARFAX Used Car Listings, CARFAX Car Care, CARFAX History-Based Value and the flagship CARFAX® Vehicle History Report™ to consumers and the automotive industry. CARFAX owns the world’s largest vehicle history database and is nationally recognized as a top workplace by The Washington Post and Glassdoor.com. Shop, Buy, Service, Sell – Show me the CARFAX™. S&P Global Mobility is a division of S&P Global (NYSE: SPGI). S&P Global is the world’s foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets.
CARFAX is an Affirmative Action/Equal Opportunity Employer. It is the policy of CARFAX to provide equal employment opportunity to all persons regardless of race, color, sex, pregnancy, religion, national origin, age, ancestry, citizenship status, veteran status, military status, disability or handicap, sexual orientation, genetic information or any other status protected by federal, state or local law. In addition, CARFAX will provide reasonable accommodations for qualified individuals with disabilities. We maintain a drug-free workplace. We are a participant in E-Verify.