Cyber Security Engineer

At Forrester, we're trusted to work on trailblazing, mission critical problems that business and technology leaders face today. That's why we're always looking to empower talented individuals to perform at their best every single day. We're proud of our community of smart people and vibrant voices who come together to do what's right by our clients and each other. Our success is driven by curiosity, courage and customer obsession. The confidence and drive to be bold at work. Join us and build an extraordinary future.

About This Role:

The Cyber Security Engineer (CSE) will perform ongoing cyber security operations tasks and help engineer and maintain security solutions across the enterprise. The CSE will improve Forrester's cyber security posture by both proactively and reactively responding to security incidents, data breach incidents, phishing attempts, malware attempts, and system's availability compromise by monitoring and analyzing logs and alerts from different log sources. The CSE will perform threat and vulnerability analysis on Forrester IT infrastructure including cloud networks in AWS and Azure.

The CSE will investigate and respond to incidents, escalating as necessary. The CSE must stay current with emerging cyberthreats through security bulletins, external peer groups, and information security circles. The Cyber Security Engineer's gained knowledge will contribute to the improvement of security controls to address events ranging from intrusions, malware, WAF management and DDoS to unauthorized access, insider attacks, and loss of proprietary information.

Job Description:

• Analyze network traffic (including cloud networks AWS and Azure); flow logs; audit logs; DNS logs; server logs (including web servers, load balancers, proxies, etc.); and OS and application logs to identify compromised systems, identify denial of service attacks, and pinpoint resource abuse.
• Perform secure code reviews of multiple coding languages/platforms.
• Conduct complex investigations and deep analysis of security events focused on rapid containment, remediation, and mitigation.
• Detect, triage, analyze, and respond to cyberattacks and other malicious activities such as intrusion attempts, DDoS, malware distribution, phishing attacks, etc., originating from OR targeted toward Forrester.
• Apply insight and expertise to examine malicious code (malware), attack vectors, network communication methods, analyze threats against target systems and networks, and determine vulnerabilities.
• Proactively hunting threats, blue teaming, performing exploit and vulnerability research, all to find and close loopholes exploited by bad actors.
• Locating trends in abuse/attack vectors, communicating with leadership to apprise of extent, and suggesting appropriate product changes to prevent future occurrences.
• Contribute to designing, implementing, and managing security incident and vulnerability management and reporting.
• Develop technical solutions to help mitigate security vulnerabilities and automate tasks to increase operational efficiency.
• Design and establish continuous monitoring programs using cybersecurity monitoring, vulnerability scanning, and intrusion detection and management tools.
• Identify opportunities to improve the quality and resiliency of the company's systems and applications.
• Research and recommend solutions to improve the company's security posture on-premises and in the cloud.
• Partner with operations and infrastructure engineering teams to implement and tune security monitoring, tooling, and reporting.

Job Requirements:

• Postgraduate/graduate with cybersecurity major and passion for cybersecurity.
• Interest in network, host, and cloud-based security, attack techniques, analysis, and investigation.
• Can understand and write at writing search queries or analytics for popular SIEM solutions.
• Understanding of a variety of logs coming from cloud, network or endpoint devices, including logs from AWS and Azure.
• Knowledge of cloud security monitoring and in advanced cloud log analytics.
• Strong curiosity and ability to continuously question every process and technology to identify security risk and provide mitigations.
• Passionate about vulnerability, intrusion, and incident assessment, remediation, and management skills.
• Knowledge of security technologies (e.g., AV, IDS/IPS, NGFW, SIEM, WAF, DLP, encryption certification management and malware analysis and protection), with a commitment to keep current with the latest developments in this field.
• Experience in identity management/authorization and authentication (e.g., SSL, IPSEC, PKI, SAML, Kerberos, LDAP).
• Strong familiarity with Windows or Linux OS (preferably both).
• Strong analytical and troubleshooting skills driven by a logical, methodical approach.
• Someone who is transparent and open to feedback.
• A sense of urgency without sacrificing quality.
• A collaborative team player with high standards and ethics.

Please note that the base salary range indicated here is inclusive of all applicable US geographies listed in this requisition. This salary range is based upon the position as described in the job listing. The offered compensation may vary within this range and is dependent upon the successful candidate's primary work location, experience, training, education, and credentials.

Base salary range: $82,000 - $134,000

• #LI-DNP
• #LI-DNI

Explore #ForresterLife on:

Instagram

LinkedIn

Glassdoor

FLSA Status:

Here at Forrester, we welcome people from all backgrounds and perspectives. Our aim is for all candidates to be able to fully participate in Forrester's recruitment process. If you would like to discuss a reasonable accommodation, please reach out to accommodationrequest@forrester.com.

Forrester Research, Inc. is an Equal Employment Opportunity Employer. As a federal contractor, Forrester encourages veterans and individuals with disabilities to apply for employment.

Benefits at a Glance

Benefits at a Glance - Cambridge