Cybersecurity Engineer

Pay Rate:

The annual base salary range for this position $110,000-$130,000. Please note that the salary information is a general guideline only. At Sawdey Solution Services, we recognize that attracting the best talent is key to our strategy and success as a company. We will consider several factors when extending an offer to an applicant. These factors include (but are not limited to) the position, associated responsibilities, work experience, education, related training, and related skills.

Remote

Yes

This position falls under the umbrella of Sawdey's Managed Services Division (MSD). Sawdey MSD is a full-service Managed Service Provider (MSP)/Managed Security Service Provider (MSSP) providing IT and/or cybersecurity services to a variety of different clients (defense/government contractors, municipalities, non-profits, commercial organizations, etc.).

The Cybersecurity Engineer is primarily responsible for implementing and maintaining Cybersecurity Maturity Model Certification (CMMC) projects. They will have the responsibility for maintaining the integrity, security, and compliance of multiple client information systems.

• Responsible for supporting MSD work/contracts inclusive of CMMC technical design and implementation, risk analysis, asset management, and overall client management.
• Monitor and remediate security events including working with clients, end users, and vendors to address the event.
• Work directly with client POCs and client Senior Management on project planning, execution, and implementation.
• Perform day-to-day deployment, administration, and support of security infrastructure tools and systems, including but not limited to SIEM, Vulnerability Management, IDS/IPS, Anti-Virus, Anti-Malware, EDR, DLP, and other Network or System Monitoring tools.
• Configure, troubleshoot, and support Exchange Online, SharePoint Online, Teams, One Drive for Business, Intune, Defender XDR, and Entra .
• Investigating alerts and suspicious activity to determine if an incident has occurred.
• Provide immediate response to cybersecurity threats and intrusion.
• Contain affected systems and networks to prevent the incident from spreading.
• Conducting vulnerability testing, intrusion detection and prevention, risk management, and security assessments.
• Provide and participate in Incident Response training for internal and external clients.
• Assist in maintaining documentation on security architecture, procedures, and configurations.
• Prepare clients and support CMMC Self-assessments and CMMC Third Party Assessments Organization (C3
  
  PAO) assessments.
• Support client incident response activities both in and outside of standard business hours as needed.
• Assist with onboarding and training of new Sawdey MSD team members.
• May serve as a mentor to fellow Sawdey MSD team members.
• Perform other duties, as assigned.

• Seven (7)+ years' IT-related experience
• Two (2)+ years' of Incident Response experience
• Two (2)+ years' Vulnerability Management experience
• Two (2)+ years' managing endpoints
• Must be capable of working on cloud IaaS, PaaS, and SaaS systems, server infrastructure, and networking infrastructure.

Must have experience working with at least some of the following:

• Windows Server  and server roles such as Active Directory, DHCP, Group Policy, and DNS
• Microsoft Defender XDR
• Azure Sentinel
• Power Shell, Java, Python

• Bachelor's degree in an IT related field desired but not required.

• Two or more of the following certifications are desired, but not required:
• Certified Information Systems Security Professional (CISSP)
• GIAC Certified Incident Handler (GCIH)
• CompTIA Cybersecurity Analyst (CySA+)
• CompTIA Security +
• Microsoft 365 Certified:
  Administrator Expert
• Microsoft Certified:
  Cybersecurity Architect Expert
• Microsoft Certified:
  Azure Security Engineer Associate
• Certified Cloud Security Professional (CCSP)
• Certified Ethical Hacker (CEH)
  Cybersecurity Maturity Model Certification (CMMC) Certified Professional (CCP)

• Must be able to effectively communicate with customer and fulfill all duties and responsibilities as listed in the contract.
• Must be proficient in Microsoft Office suite including, but not limited to:
  Word, PowerPoint, Excel, and Outlook.
• Must be able to communicate and collaborate with corporate employees, clients, and colleagues in a professional, respectful, and timely manner.
• Must have daily and accurate time entry accounting for all service and non-service tasks.
• Must be able to articulate technical information to non-technical people.
• Must be self-motivated and self-directed with the ability to work with minimal direction and oversite.
• Must be able to pay very close attention to detail.
• Must be able to use personal smartphone device on an as-needed basis to perform job-related tasks such as supporting an on-call…