Cybersecurity Engineer

Cybersecurity Engineer

MetTel is a global communications solutions provider with the most complete suite of fully managed services that focus on secure connectivity, and network and mobility services. We simplify communications and networking for business and government agencies. Our customers include many of the Fortune 500, and Gartner recognizes us as an industry leader. We have the broadest portfolio of technology and integrated partnerships, as well as our private network, which we use to create tailored solutions design, deployment, and ongoing management, driving cost savings, efficiency, innovation, and the ability to focus on core objectives.

We believe that each team member is a key to the success and sustainability of the group. In order to achieve this, we offer an environment where all professionals can grow and develop their skills and competencies, collaborate with diverse professionals, share knowledge and enjoy a rewarding career.

We are looking for a Cybersecurity Engineer to join our Corporate IT Team in NYC!

Role and Responsibilities

The Cybersecurity Engineer is a hands-on technical role responsible for implementing, maintaining, and optimizing security controls across our hybrid infrastructure environment serves as a subject matter expert in designing, implementing, and administering our comprehensive security technology stack. This role combines deep technical expertise in cybersecurity tools with hands-on system administration skills to support our self-hosted, on-premises security infrastructure. The ideal candidate combines infrastructure knowledge with a strong understanding of security operations, compliance requirements, technical implementation and testing and assessing risk. They will be capable of supporting our security toolset including CyberArk, Splunk, OKTA, Tenable, SOAR platforms, and other security analytics solutions.

Responsibilities

Vulnerability & Threat Management

• Conduct vulnerability assessments across containerized and traditional infrastructure
• Perform ethical hacking and penetration testing to identify security weaknesses on our applications periodically and at times of new releases.
• Lead remediation efforts and track vulnerability lifecycle management
• Analyze security alerts and incidents, performing root cause analysis
• Contribute to threat hunting activities and security monitoring

Security Platform Architecture Support and Administration

• Administer and optimize enterprise security tools including SIEM, EDR, vulnerability scanners, and container security platforms
• Manage security aspects of VMware infrastructure, storage systems, and network segmentation
• Configure and maintain authentication systems (SAML, RADIUS) and identity management platforms such as OKTA.

Security Tools Administration & Management

CyberArk Privileged Access Management

• Administer CyberArk PAS (Privileged Access Security) including Vault, CPM, PSM, and PVWA components
• Configure privileged account onboarding, password management policies, and access workflows
• Implement CyberArk integrations with Active Directory, applications, and infrastructure systems
• Manage CyberArk clustering, disaster recovery, and high availability configurations
• Troubleshoot CyberArk performance issues and optimize system configurations

Splunk Enterprise & Security Operations

• Administer Splunk Enterprise infrastructure including indexers, search heads, and forwarders
• Configure and maintain Splunk Enterprise Security (ES) for security monitoring and incident detection
• Develop custom Splunk searches, dashboards, and alerts for security use cases
• Manage Splunk data models, knowledge objects, and correlation rules
• Optimize Splunk performance, storage management, and cluster operations

Vulnerability Management & Security Testing

• Administer Tenable Security Center and Nessus scanning infrastructure
• Configure vulnerability scanning policies, schedules, and remediation workflows
• Integrate vulnerability data with other security tools and ticketing systems
• Develop custom vulnerability reporting and metrics dashboards
• Coordinate vulnerability assessment activities and penetration testing support

Security Orchestration & Response (SOAR)

• Implement and maintain SOAR platforms for security automation
• Develop automated playbooks for incident response, threat hunting, and remediation activities
• Create custom integrations between the SOAR platform and existing security tools
• Design automated workflows for security alert triage and response coordination
• Maintain SOAR platform performance and troubleshoot automation issues

System Administration & Infrastructure

• Test disaster recovery, and business continuity procedures for security systems

Security Operations Support

• Provide Level 2/3 technical support for security incidents and tool-related issues
• Participate in incident response activities and forensic investigations
• Develop and maintain security procedures and troubleshooting guides
• Support 24/7 security operations center (SOC) activities and on-call rotation
• Collaborate with security analysts to optimize detection rules and reduce false positives

Compliance & Governance

• Support compliance initiatives including SOC 2, PCI DSS, NIST SP 800-53 and regulatory audits
• Maintain security tool documentation, configurations, and change management procedures
• Implement logging and audit trail requirements for compliance frameworks
• Develop security metrics and KPI reporting for management and auditors
• Ensure security tools meet data retention and privacy requirements

Cross-functional Collaboration

• Partner with IT infrastructure teams on security tool deployment and maintenance
• Collaborate with application development teams on security tool integrations
• Work with network teams to implement security monitoring and traffic analysis
• Support risk management activities with technical security assessments
• Provide security expertise for project planning and technology implementations

Desired Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience
• Relevant certifications preferred: CCSP, CISSP, GCIH, GCFA, Security+, CySA+, GSEC, or equivalent
• Vendor-specific certifications: CyberArk Defender/Sentry, Splunk Certified Admin/Architect, Tenable Certified Security Practitioner

Technical Skills - Core Platform

Security Tools Proficiency (3+ years each)

• CyberArk : Deep experience with PAS components, policy configuration, and enterprise deployment
• Splunk : Advanced administration of Splunk Enterprise and Enterprise Security, including clustering and performance optimization
• Tenable : Comprehensive vulnerability management experience with Security Center, Nessus, and enterprise scanning
• SOAR Platforms : Hands-on experience with security orchestration tools (Phantom, Demisto, IBM Resilient, or similar)

System Administration (5+ years combined)

• Advanced Linux administration (RHEL, CentOS, Ubuntu) including shell scripting and automation
• Windows Server administration including PowerShell scripting and Active Directory integration
• Network security concepts and implementation (firewalls, IDS/IPS, network segmentation)

Security Specializations

• Enterprise PKI and certificate management
• Log aggregation, analysis, and correlation techniques
• Incident response procedures and forensic analysis
• Threat intelligence integration and threat hunting methodologies
• Security automation and orchestration best practices

Professional Experience

• 4+ years of cybersecurity experience with focus on enterprise security tools
• 4+ years of hands-on system administration in enterprise environments
• Experience with self-hosted, on-premises security infrastructure
• Proven track record of security tool implementations and migrations
• Experience participating in and supporting compliance audits and regulatory requirements

Additional Skills

• Strong scripting abilities (Python, Bash, PowerShell) for automation and integration
• Experience with API integration and custom security tool development
• Knowledge of cloud security platforms (AWS Security Hub, Azure Security Center) preferred