Cybersecurity Staff Engineer

Job Description

DESCRIPTION:

At onsemi, cybersecurity is a collective responsibility. The mission of enterprise cybersecurity service operations is to protect onsemi, our employees, and our customers while enabling rapid, secure innovation. Our cybersecurity engineering teams are critical in achieving this mission. The Cybersecurity Engineer is a senior-level position within enterprise cybersecurity operations which encompasses monitoring & triage (M&T), threat intelligence (TI), cyber incident response (CIRT), and cybersecurity platform engineering (SPE). Cybersecurity Engineers have overall responsibility for integration, configuration, tuning, and maintenance of cybersecurity control architecture.

Responsibilities

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Engineer, manage, and monitor events and performance from multiple cybersecurity products associated with the company’s cybersecurity control architecture.
• Monitoring performance metrics associated with IT/OT cybersecurity to ensure controls are tuned for peak effectiveness.
• Engineer custom integrations between disparate cybersecurity tools, enhancing our overall detection and response framework and mean times to detect, respond, and contain.
• Perform data gathering, analysis, synthesis, and solution engineering to support onsemi cybersecurity data protection practices and insider threat management program.
• Monitor and conduct comprehensive investigations and incident response activities across various cloud and on-premises cybersecurity platforms.
• Continuously refine automation playbooks to adapt to the ever-changing threat landscape, ensuring our defenses remain robust.
• Investigate and respond to cybersecurity threats escalated from first responder groups and make change requests to the configuration and policy of cybersecurity control architecture.
• Evaluate, recommend, and adjust cybersecurity engineering work processes as necessary to correct adverse trends.
• Work closely with first responder analysts in the SOC to identify and address threats in a timely manner and to troubleshoot and resolve operational issues.
• Serve as an escalation point for other members on the team, lead the review, and processing of events from various sources, and provide expert level analysis and detection capabilities.
• Participate in troubleshooting efforts and perform technical writing, participate in briefings, as well as be a mentor for peer cybersecurity engineers and analysts.
• Drive advanced cybersecurity monitoring, research, classification, and analysis of cyber events.
• Leverage cybersecurity solutions to investigate events, hunt for threats, and analyze anomalous behavior.
• Collaborate with cybersecurity operations and threat intelligence functions to refine and automate detection mechanisms.
• Configure and tune SOAR solutions to automate cybersecurity operations, minimize manual tasks and accelerate incident response.
• Stay abreast of the latest in threat intelligence and cybersecurity trends.
• Mentor junior team members, fostering an environment of growth and continuous improvement within the cybersecurity team.
• Stay current on the latest cloud cybersecurity trends, threats, and vulnerabilities, and implement proactive measures to address emerging risks.
  
  

Qualifications

Years of experience:

• A minimum of 5 years of experience in cybersecurity engineering, with a strong emphasis on cloud cybersecurity, data loss prevention, and associated detection/response mechanisms.
• Minimum of 3 years cybersecurity engineering experience in mid-sized to large, global organizations.
• 3+ years of cloud computing experience in AWS, Azure, and/or GCP.
  
  

Education and Training:

• B.S. in Cybersecurity, Computer Engineering, Computer Science, or Information Systems; Special consideration given to relevant industry certifications i.e. SANS, CISSP, CCSP, GCIH, GCFA.
  
  

Technical Skills:

• Knowledge and experience with data protection and data loss prevention programs, process, and technology.
• Strong understanding of cybersecurity monitoring tools for cloud environments such as CSPM, CWPP, CNAPP.
• Hands-on experience with SOAR platforms, SIEM and UEBA systems, and other critical cybersecurity technologies.
• Hands-on experience with cybersecurity features and system administration on one or multiple operating systems.
• Understand cybersecurity vulnerabilities in common operating systems, web, mobile, and cloud workloads, including knowledge of remediation procedures.
• Comprehensive understanding of the cybersecurity threat landscape and effective mitigation techniques.
• Understanding of modern cloud technology components and deployment patterns: containers, Kubernetes, serverless, infrastructure as code, etc.
• Ability to lead other engineers in day-to-day Threat Hunting specialty operations teams (rapid response).
• Experience analyzing new requirements and making cybersecurity recommendations based on business objectives.
• Ability to analyze complex cybersecurity scenarios and develop effective, automated responses.
• Effectively create and deliver meaningful briefs (metrics) to various teams and management.
  
  

Soft Skills:

• Must possess excellent communication skills and ability to cooperate with other business functions.
• Demonstrated problem-solving skills with the ability to develop creative alternatives to complex problems and continuous process improvement skills.
• Solid understanding of project management principles, including a demonstrated ability to multi-task effectively
• Possess excellent communication skills.
• Work well within a global team.
• Ability to interact with multiple levels and functions across the organization.
• Excellent communication skills, with the ability to collaborate effectively in a remote work environment and engage with team members across different time zones.
  
  

Experience (preferred)

• Knowledge of MITRE ATT&CK Framework.
• Proficiency with multiple cybersecurity control technologies.
• Experience with DLP or Cloud Cybersecurity Technologies.
• Strong cybersecurity background with a proactive approach to hunting and investigating threats.
  
  

About Us

onsemi (Nasdaq: ON) is driving disruptive innovations to help build a better future. With a focus on automotive and industrial end-markets, the company is accelerating change in megatrends such as vehicle electrification and safety, sustainable energy grids, industrial automation, and 5G and cloud infrastructure. With a highly differentiated and innovative product portfolio, onsemi creates intelligent power and sensing technologies that solve the world’s most complex challenges and leads the way in creating a safer, cleaner, and smarter world.

More details about our company benefits can be found here:

https://www.onsemi.com/careers/career-benefits

About The Team

We are committed to sourcing, attracting, and hiring high-performance innovators, while providing all candidates a positive recruitment experience that builds our brand as a great place to work.