CyberSecurity Engineer, Identity Protection – Tier 3
Job Description:
- Deploy and configure Endpoint Detection and Response (EDR) agents across client environments. Customize detection policies to minimize false positives and ensure seamless client business operations.
- Analyze EDR telemetry to detect "living off the land" attacks and anomalies that traditional antivirus would miss.
- Actively monitor client endpoints for malicious indicators. When threats are detected, immediately isolate compromised devices and communicate the scope of the incident to the customer and cross-functional teams supporting the customer.
- Generate monthly executive summaries for clients detailing blocked attacks, health status, and ROI on their security investment.
- Schedule and run next-gen vulnerability scans on client networks and execute penetration tests as applicable against client assets.. Review the results with the client's (or their IT point-of-contact), prioritize critical patches, and verify their remediation.
- Monitor for threats and vulnerabilities specific to “Smart Home” and Internet of Things (IoT), alert impacted clients, and assist clients in the hardening of their home networks and IoT devices.
- Proactively monitor the Dark Web and criminal forums for our clients' compromised credentials, leaked intellectual property, or domain spoofing.
- Work with cross-functional teams to alert clients immediately upon discovery of leaked data and provide specific instructions on changing passwords or locking down accounts.
- Manage the credit monitoring platform, and alert clients to changes in credit scores, new credit inquiries/accounts and other identity alerts that could indicate fraudulent activity.
- In conjunction with Client Success Managers, serve as the dedicated case manager for confirmed identity theft incidents. Handle the end-to-end resolution process so the client does not have to navigate the bureaucracy alone.
- Assist in the restoration of compromised accounts, including synthetic identity fraud, medical identity theft, and tax refund fraud.
- Actively hunt for client PII on people-search sites and data broker databases. Manage the "opt-out" and removal process to minimize their public attack surface.
- Identify repetitive manual tasks (e.g., alert triage, monthly reporting, initial containment) and build SOAR playbooks or scripts (Python/PowerShell) to automate them.
- Evaluate and implement AI-driven tools to enhance threat detection accuracy. Utilize Machine Learning features within our stack to reduce "alert fatigue" and false positives.
- Continuously assess our toolset's architecture. optimize API integrations between our Identity platforms, EDR, and ticketing systems to ensure we can handle increased client volume without linear headcount growth.
- Conduct "Post-Mortem" reviews after incidents or complex identity cases to identify process gaps, updating standard operating procedures (SOPs) to be faster and smarter next time.
- Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
- Develop custom scripts, tools, or methodologies to enhance our Incident Response processes
- Develop comprehensive and accurate reports of forensic findings and Incident Response activities for both technical and executive audiences
- Be part of an on-call rotation and escalation team
- Participate in knowledge transfer sessions, product training and other strategic initiatives as needed
- Maintain working knowledge of BlackCloak’s solutions, platform features and best practices
- Mentor and support Client Success and Security Team Members
- Work closely with the engineering and product teams to continuously improve BlackCloak products
- Perform research and development on the latest cyber security attack and defense trends
- Work with the sales team to do technical demonstrations and provide subject matter expertise
- This position will require occasional time on nights and weekends to address client incidents, emergency onboardings and issues.
Requirements:
- 3-5+ years of experience in Cybersecurity, Fraud Analysis, or Security Engineering
- A college degree in an Information Technology (IT/CS/CE) related discipline is a plus, with equivalent experience also considered
- Industry recognized information security certifications a plus:
- CISSP
- CCSP
- CFCE
- GIAC
- OSCP
- OSCE
- Security+
- CEH
- Penetration and vulnerability testing experience
- Windows and macOS forensic investigation and vulnerability management experience
- Experience in deploying, managing, and optimizing EDR tools to effectively detect, respond to, and mitigate threats
- Being able to correlate assets across multiple systems to ensure operational clarity and coverage is a must.
- Experience developing detection alerting using automation, orchestrating detection logic to trigger responses, and developing efficient security workflows.
- Experience with client service, communicating complex technical concepts, and a strong analytical mind required.
- Technical knowledge of operating systems such as Windows, macOS, iOS, Android, Linux
- Solid understanding of the US Credit System (Bureaus, FICO, FCRA rights).
- Experience managing identity monitoring platforms (alerts on Credit, SSN, PII)
- Operate independently and efficiently to manage multiple tasks and priorities simultaneously and successfully
- High degree of interpersonal communication skills and discretion for client privacy
Benefits:
- 100% Remote Company, within the USA
- Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents.
- Health Savings Account with company contribution for eligible medical plans.
- Flexible Vacation Plan
- 10 Paid Company Holidays
- 100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance
- 401k with Traditional and Roth options, including employer match.
- Company Equity
- Paid Parental and Pregnancy Recovery Leave
- Company and team off-sites and virtual events throughout the year
- Home office stipend
Apply tot his job Apply To this Job