Security Engineer
Applied Technical Services, Inc.
Job Details
Job Location: ABEL SOLUTIONS MARIETTA - MARIETTA, GA
Remote Type: Fully Remote
Position Type: Full Time Indirect
Education Level: 4 Year Degree
Job Shift: Day
Job Category: Information Technology
Description
COMPANY
The Applied Technical Services Family of Companies (“ATS” or the “Company”) is a leading provider of critical testing, inspection, and certification services. The Company serves a diverse set of large and stable end markets including manufacturing, power generation, aerospace, medical, and defense.
ATS is headquartered in Marietta, GA and employs over 1,900 team members at approximately 70 locations across the United States. Our purpose is to create a safe and reliable world.
Position Description
Abel Solutions is a rapidly growing IT Consulting and Managed Services provider for more than 100 companies and counting. Our growing Cybersecurity team (“SecOps”) is looking for a Security Engineer who will report to the Director of Information Assurance & Cybersecurity.
The SecOps team is a central pillar of our growth strategy, and the Security Engineer will focus on delivering top-tier engineering expertise in Microsoft 365, Terraform, and infrastructure hardening, while contributing to incident response and forensics efforts.
The Security Engineer must have a record of self-study and be motivated to articulate findings based on industry best practices. Our team’s mission is to provide state-of-the-art operational security services to a variety of business industries in order to thwart Threat Actor (“TA”) compromise. This is your opportunity to join this growing team and leave your mark on the development of Abel Solutions’ Cybersecurity-as-a-Service department.
NOTE: The successful candidate for this position will have access to information subject to U.S. export controls under the U.S. International Traffic in Arms Regulations (“ITAR”) and/or U.S. Export Administration Regulations (“EAR”). Based on the sensitivity of this information, the successful candidate must be a U.S. Person, as defined by ITAR, or, in the event the applicant is not a U.S. Person, be eligible for export licenses to be obtained from the Department of State, Directorate of Defense Trade Controls (“DDTC”) on a per-project basis to access ITAR and EAR controlled data and information. A “U.S. Person” includes (a) U.S. citizens or nationals; (b) U.S. lawful permanent residents (i.e., “green card” holders); (c) persons granted refugee status; or (d) persons granted asylum in the United States. Company may choose not to apply for such license at its discretion due to federal approval timing considerations.
Job Responsibilities
Microsoft 365 Engineering:
· Configure, manage, and secure both on-premises and cloud-based Microsoft 365 environments, ensuring alignment with best practices for infrastructure architecture.
Infrastructure Security Hardening:
· Implement and maintain remote infrastructure using Hyper-V, providing expertise in securing environments and building automation pipelines for scalability.
Terraform Policy as Code:
· Design and enforce infrastructure policies using Terraform to automate and manage secure environments at scale.
Compromised Infrastructure Analysis:
· Perform Root Cause Analysis (RCA) on compromised infrastructure, ensuring rapid identification of attack vectors and mitigation strategies.
Warhead Development for Pen testing:
· Design and build infrastructure "warheads" to simulate attack conditions and support penetration testing activities.
Compliance Engineering:
· Conduct engineering control checks around compliance requirements, working closely with Governance, Risk, and Compliance (GRC) teams to ensure all standards are met.
Scripting and Automation:
· Develop and maintain robust scripts for both Linux and Windows environments to automate security tasks, streamline processes, and ensure operational efficiency.
GitLab Maintenance:
· Manage and maintain GitLab repositories, ensuring secure version control and continuous integration pipelines.
Incident and Forensic Response:
· Serve on the Incident Response and Forensics team, contributing to breach impact analysis, tooling development, and real-time mitigation efforts.
Detection Engineering in SumoLogic SIEM:
· Design, implement, and optimize detection rules and alerts using the SumoLogic query language (LogReduce, LogCompare, etc.) to detect potential security threats in real time.
Data Source Management:
· Integrate, manage, and monitor various data sources within the SumoLogic platform, ensuring data ingestion from critical infrastructure, cloud services, and applications.
Other Responsibilities/Expectations
· Attend company functions, including company meetings, to cultivate team building.
· Seek out opportunities for professional skills advancement through classes, seminars, webinars, events, self-study, etc.
· Assist the Abel Solutions leadership with other activities and tasks as assigned.
· Obtain certifications from Microsoft or others as the role designates and is prescribed by leadership.
Education Requirements
· Bachelor's degree in information systems or related is preferred.
o Associate's degree with 4+ years of experience in lieu of a bachelor's degree
· Certifications in relevant security functions, such as:
o CompTIA Security+, Certified Ethical Hacker, Certified Cloud Security Professional, Cybersecurity Analyst (CySA+), Network Security Professional (NCSF), Microsoft Certified: Security, Compliance, and Identity Fundamentals, Microsoft Certified: Security Operations Analyst Associate, Microsoft Certified: Cybersecurity Architect Expert, etc.
Qualifications
Experience Requirements
· Proven expertise in Microsoft 365 architecture, configuration, and security for both cloud and on-premises environments.
· Strong experience with Terraform and the ability to implement policies as code for automated infrastructure.
· Knowledge of Hyper-V for managing remote infrastructure deployments.
· Demonstrated experience in Root Cause Analysis for compromised infrastructures, with the ability to provide detailed insights and remediation strategies.
· Experience building and deploying Pentesting "warheads" for engineering teams.
· Familiarity with compliance frameworks and the ability to conduct engineering control checks to ensure compliance.
· Proficiency in Linux and Windows scripting to automate tasks and enhance system performance.
· Experience in maintaining and securing GitLab repositories.
· Ability to serve as part of an Incident Response Team, with hands-on experience in forensic analysis and breach investigations.
· Experience threat hunting utilizing a SIEM (security information and event management) platform, building queries, alerts, etc.
· Ability to analyze large datasets and logs to identify suspicious activities, threat patterns, and anomalies.
· Strong understanding of data ingestion processes, including data normalization and enrichment.
· 1+ years of understanding of cybersecurity principles, frameworks (e.g., NIST, ISO/IEC 27001), and best practices.
· 4+ years of familiarity with operating systems such as Windows, Linux, or UNIX, including their command line interfaces.
· 2+ years of basic knowledge of network infrastructure, including TCP/IP, DNS, DHCP, firewalls, and VPN technologies.
· 6+ months of experience with or exposure to security tools and technologies such as antivirus software, intrusion detection systems (IDS), intrusion prevention systems (IPS), and security information and event management (SIEM) systems.
· Demonstrable experience with scripting languages (e.g., Python, PowerShell) for automation of simple tasks is preferred.
· Participation in cybersecurity competitions, hackathons, or relevant extracurricular activities is a plus.
· Strong analytical and problem-solving skills with the ability to work independently as well as collaboratively in a team environment.
Skill Requirements
· Demonstrated enthusiasm and passion for cybersecurity, evidenced by a self-motivated desire for continuous learning and a willingness to be taught.
· Fundamental understanding of operating systems (Windows, macOS, Linux) and their respective command-line scripting languages (Batch and PowerShell for Windows, Bash and Zsh for macOS, Bash and other shell derivatives for Linux), along with various security tools (both open-source and proprietary).
· Availability to respond to cyber incidents outside of standard working hours as needed.
· Solid grasp of foundational concepts in cloud, network, and endpoint security, awareness of current threat landscapes and attack trends, as well as an understanding of defense-in-depth strategies.
· Capability to manage and complete projects both independently and as part of a team.
· Excellent written and oral communication to client stakeholders.
· Strong professional background with the Microsoft ecosystem, including both on-premises and cloud-based products.
ITAR
“U.S. Persons” Only: A requirement of this position is access to information that is subject to U.S. export controls under the U.S. International Traffic in Arms Regulations (“ITAR”). Accordingly, the company will consider only “U.S. Persons” for this position. A “U.S. Person” includes (a) U.S. citizens or nationals; (b) U.S. lawful permanent residents (i.e., “green card” holders); (c) persons granted refugee status; or (d) persons granted asylum in the United States. This information is collected solely for purposes of complying with U.S. export control requirements and will not be used to unlawfully discriminate in the hiring process.
Equal Employment Opportunity Statement
Applied Technical Services is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.