Senior Cybersecurity Engineer
Service line: Advisory Segment
Location: Richardson - Texas - United States of America

About our Team

Global Cyber Security Office – The Global CSO’s mission is to mitigate cyber security risk by actively working with the CBRE business, Digital & Technology and other partner organizations (Compliance, Risk Mgmt., Audit, & Legal) to seamlessly integrate security processes, tools, and people into the business culture providing a holistic security ecosystem, driving continuous improvements and seamless protection / monitoring capabilities globally.

Key Responsibilities:

  • A passion for research and uncovering the unknown about cyber security threats and threat actors.
  • Use threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors.
  • Provide expert analytic investigative support of large scale and complex security incidents.
  • Continuously improve processes for use across multiple detection sets for more efficient operations.
  • Review alerts generated by security infrastructure for false positive alerts and modify as needed.
  • Provide forensic analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security and application logs, as well as logs from various types of security sensors.
  • Create and tune models / SIEM alerts for automated response orchestration.
  • Review security events to determine impact to CBRE.
  • Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise.
  • Collaborate with the global security operations teams to provide targeted threat hunting reports on a regular cadence.
  • Take escalations from the global security operations center and treat them appropriately.
  • Establish runbooks and assist with tabletop exercises.
  • Experience leading complex technical projects, meeting target timelines, facilitating project meetings, authoring project documentation, and negotiating issue resolution.

Required Knowledge and Skills:

  • Understanding of the tactics, techniques, and procedures (TTPs) used by threat actors against endpoints
  • Intermediate to Expert experience managing policies and tuning within Carbon Black Defense and Response
  • Familiarity with modern methods of network and endpoint attacks and compromise such as MITRE ATT&CK techniques
  • Experience with vendor endpoint security controls
  • Experience with network-based endpoint security controls
  • Proven ability to work in a team-oriented, collaborative environment
  • Direct experience of Linux/Unix and Windows operating systems, enterprise SIEM, and packet capture analysis toolset
  • Knowledge of regular expressions and at least one scripting language (Perl, Python, PowerShell)
  • Experience with PowerBI Reporting is a plus

Qualifications and Education:

  • 5-7 yrs. of IT security experience or equivalent skills
  • 3-4 yrs. of recent operational security experience (SOC, Incident Response, Malware Analysis, IDS/IPS Analysis, etc.)
  • Minimum of 3+ years of related working experience in endpoint security preferred
  • One or more security-related certifications, such as CISSP, GIAC, or GCIH, are highly desired
  • Bachelor’s Degree preferred