Cybersecurity Engineer

About us One team. Global challenges. Infinite opportunities. At Viasat, we’re on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We’re looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team.

What you'll do Specializes in the development, deployment and execution of controls and defenses to ensure the security, compliance and risk mitigation of the firm's technology infrastructure/data assets and effectively respond to incidents or breaches of information security operations.

The day-to-day The role is part of Viasat’s Security Operations Team. The Security Engineer should be experienced in the areas of networking, client/server technologies, and analysing log files with the ability to identify false positive and true positive events. The Security Engineer should be able to analyse incidents and correlate it with appropriate contextual data to determine classification, prioritisation and response to incidents. Respond immediately to cybersecurity-related incidents and provide a thorough post-event analysis. Investigates intrusion incidents and conduct forensic investigations. Act as the primary escalation point to Security Analysts monitoring the Security Information and Event Management (SIEM) System & provide initial investigation of security incidents. Take an active part in the containment of incidents, even after they are escalated. Deliver investigation and remediation activities as a senior member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Coordinate with data asset owners and business response plan owners during high severity incidents. Create and update security event investigation notes, report on open cases, and maintain case data in the Incident Response Management platform. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). Continuous engagement with the Threat Intelligence and 24x7 Monitoring teams. Provide ad-hoc on-call support to review threats and response actions for off-hour critical incident response.

What you'll need Job Complexity: Works on and may lead projects or a program of complex scope with little to no instruction. Exercises judgment to obtain results. Required Supervision: Works with others to define the problem to be solved, and then works autonomously with little instruction. Obtains relevant, timely results and metrics by evaluating and adapting complex techniques and evaluation criteria to help determine appropriate methods. Skill / Knowledge: An experienced professional with a solid understanding of one or more area of specialization. Uses advanced concepts and skills to resolve issues that meet objectives. Leadership / Influence: May guide others with acquired skills and knowledge to solve issues in specialized areas. May train and mentor junior level staff to improve their skills. A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous. Intermediate knowledge of Information Security fundamentals, technologies, and design principles. Proven experience in securing Windows, Linux, Cloud environments (AWS, Azure, GCP and Oracle) and VM platforms. Understanding or proven experience of using Security Information and Event Management (SIEM) platforms for analysing network and security incidents. Experience in using Vulnerability Assessment (VA) platforms to identify network and platform risks and mis-configurations. Experience in Security Assessment tools/frameworks. Knowledge of network security zones, firewall, IDS; Network analysis tools like Wireshark and TCPDump. Knowledge of log formats for syslog, DB logs and how to gather forensics for traceability back to event; Knowledge of packet capture and analysis. Willingness to learn new skills and be self-motivated. Ability to work in a team environment, to work under pressure and show flexibility. Excellent verbal and written communication skills in English.

What will help you on the job Given the scope and responsibilities of this role, with access to sensitive information, technology and/or services, the successful candidate is required to be a citizen of the United Kingdom (UK) and/or European Union (EU) with eligibility to obtain UK government security clearance. Applicants will therefore be required to provide personal information, including place of birth and all nationalities, to ensure compliance with UK and US export control requirements.

EEO Statement Viasat is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, ancestry, physical or mental disability, medical condition, marital status, genetics, age, or veteran status or any other applicable legally protected status or characteristic.