[Remote] Cyber Security Engineer #11336
Note: This is a remote job open to candidates in the USA. ECCO Select is a talent acquisition and consulting company specializing in people, process and technology solutions. They are seeking a skilled Cyber Security Engineer to support a critical infrastructure and utilities environment, focusing on deploying, administering, and optimizing an enterprise-scale security technology stack. The role involves managing security tools and processes, collaborating with various teams, and contributing to the overall security practices.
Responsibilities
- Administer and optimize the CrowdStrike Falcon platform, including the Identity Protection module with Active Directory integration
- Manage and enhance Varonis data security capabilities, including data discovery, access governance, and insider threat detection
- Configure, maintain, and troubleshoot Palo Alto firewalls and GlobalProtect VPNs to ensure secure network access across IT and OT environments
- Support and expand Guardicore (Akamai) microsegmentation policies to help reduce lateral movement and safeguard critical workloads
- Build and optimize Cribl pipelines for efficient log routing, enrichment, and data reduction for use with SIEM and security analytics platforms
- Collaborate closely with SOC, architecture, and IT teams to align security tools and processes with operational and compliance requirements
- Contribute to technical documentation, runbooks, and continuous improvement of the security stack and practices
- Provide technical expertise in incident response activities related to managed security platforms
Skills
- At least 7 years of professional experience in cybersecurity engineering or infrastructure security roles
- Direct expertise with CrowdStrike Falcon, particularly leveraging the Identity module and integrating with Active Directory
- Proficiency with Varonis for data governance and threat detection
- Experience configuring, maintaining, and optimizing Palo Alto Networks firewalls (Panorama experience preferred) and GlobalProtect VPNs
- Experience with Guardicore (Akamai Segmentation) or similar microsegmentation technologies
- Hands-on familiarity with Cribl Stream or Cribl Edge for data pipeline and log management in support of security analytics
- Strong understanding of Active Directory security concepts, including Kerberos, LDAP, and privileged access management
- Ability to work effectively in cross-functional enterprise environments, supporting both IT and OT systems
- Experience supporting security within critical infrastructure, utilities, energy, or OT/ICS environments is highly desired
- Familiarity with compliance frameworks, especially NERC CIP, is preferred
- Relevant certifications are a plus, such as: Palo Alto PCNSE, CrowdStrike CCFA / CCFR, AWS or general cloud security certifications
- Expertise in the following tools and technologies: CrowdStrike Falcon (Endpoint & Identity Protection), Varonis Data Security Platform, Palo Alto Networks (Firewalls, Panorama, GlobalProtect), Guardicore (Akamai Segmentation), Cribl (Stream / Edge), Active Directory / Identity Security, SIEM and enterprise logging platforms