Cybersecurity Engineer
19 hours ago
Albany
Job Description

Job Title: Cybersecurity Engineer
Location: Hauppauge, NY, Fishkill, NY or Albany, NY
Schedule: Onsite Mon-Fri 9:00 AM-5:00 PM during training; once training is completed, the candidate will transition to a hybrid second shift, 2 PM-10 PM. Hybrid eligibility follows successful completion of the probationary period. Additionally, the Cybersecurity Engineer will participate in an after-hours on-call rotation and the Incident Response Team.

Acture Solutions is looking for a motivated and service-minded Cybersecurity Engineer to support our Security Operations Center (SOC) and customer environments by monitoring, investigating, and responding to security events while continuously improving security posture across client networks. This is a customer-facing role that requires strong technical expertise, excellent communication skills, and the ability to manage multiple priorities in a fast-paced environment. You will also serve as an escalation point for SOC Analysts, contribute to process improvements, and participate in an after-hours on-call rotation and incident response coverage with additional compensation for time worked outside regular business hours.

What You'll Do
• Serve as an escalation point for SOC Analysts by providing technical guidance and support on complex security investigations.
• Help define, document, and improve SOC processes and procedures to ensure consistent, high-quality security operations.
• Provide recommendations to leadership and customers to strengthen security posture, reduce risk, and improve resiliency.
• Partner with internal teams, clients, and vendors to drive resolution of high-priority security issues and coordinate security initiatives.

Operational Responsibilities:
• Uphold and exemplify Acture's Core Values: Accountability, Customer First, Trust, Integrity, Opportunity, Nurturing Positive Culture & Fun.
• Investigate and determine the root cause of all security alarms no matter the level of threat. Provide references to the research related to the conclusion.
• Manage daily security operations in accordance with SLAs, severity-based prioritization, and escalation requirements.
• Own and support customer network security posture across perimeter, internal network, and cloud connectivity, ensuring confidentiality, integrity, and availability.
• Assess, deploy, monitor, manage, and maintain network security controls including next-gen firewalls (NGFW), IDS/IPS, web filtering, VPN concentrators, WAF (where applicable), and security appliances across customer environments.
• Configure, harden, and validate firewall policies (least privilege, object/group standards, rule lifecycle management), including NAT, geo/IP reputation controls, application control, SSL inspection (where approved), and logging requirements.
• Design and maintain secure network segmentation (VLANs, ACLs, inter-VLAN routing controls) to limit lateral movement and isolate critical assets (servers, backups, OT/IoT, guest/wireless).
• Support and improve secure remote access including site-to-site VPN, client VPN, MFA integrations, certificate-based authentication, and conditional access alignment.
• Monitor and analyze network telemetry across environments using SIEM/XDR/NDR tools; triage and investigate alerts related to network-based threats (command-and-control, beaconing, lateral movement, brute force, anomalous authentication, DNS abuse).
• Perform packet-level and log-level troubleshooting (PCAPs, NetFlow, DNS logs, firewall logs, proxy logs) to determine root cause, scope, and containment actions.
• Scan for vulnerabilities and misconfigurations affecting network and perimeter systems (firewalls, switches, routers, wireless controllers, VPNs); coordinate remediation across systems, tools, and customer technologies.
• Investigate and remediate threats, including performing incident response tasks as part of the Incident Response Team; execute containment actions such as blocking malicious IPs/domains, disabling compromised accounts, isolating hosts, and tightening access paths.
• Research adversary activity and generate correlation, detection, and suppression rules to improve alert quality and SOC efficiency, including network-focused detections (impossible travel, unusual egress, port/protocol anomalies, DNS tunneling indicators).
• Develop and manage SOC projects, including initiatives that improve network visibility, logging coverage, and automation (standardizing firewall baselines, centralized logging, automated blocks, playbooks).
• Maintain accurate documentation of work performed and customer security environments, including network diagrams, firewall policy standards, segmentation maps, and change history.
• Communicate directly with customers daily: review reporting and clearly explain network security needs, findings, and recommendations (risk-based, business-friendly language).
• Support the day-to-day operation of customer infrastructure and serve as a point of contact for executives, vendors, and internal teams as needed; coordinate with ISPs/carriers during outages or security events.
• Participate in an after-hours on-call rotation and incident response coverage as required, including critical perimeter events (active exploitation, DDoS indications, VPN compromise, widespread malware).

What You Bring

Knowledge/Skills/Abilities
• Security+ or higher certification required.
• Minimum of 4 years of experience as a Systems Engineer/Systems Administrator/Network Administrator.
• Strong experience with corporate antivirus/antispam, security, and backup solutions.
• Strong knowledge of VMware and virtual environments.
• Strong knowledge of Active Directory, Group Policy, and PowerShell scripting.
• Knowledge of enterprise network security fundamentals: TCP/IP, DNS, DHCP, routing/switching, segmentation, VPNs, NAT, and secure network design.
• Hands-on enterprise firewall experience (NGFW preferred): building and troubleshooting rules, NAT, VPN tunnels, content filtering, threat profiles, logging, and policy optimization.
• Experience with IDS/IPS and/or enterprise network detection concepts (signatures, anomaly detection, tuning, false-positive reduction).
• Knowledge of switching and routing, including secure configuration practices.

Education/Experience:
• Security+ or higher certification required.

Acture Solutions Inc. is a trusted IT Managed Service Provider (MSP) delivering secure, scalable technology solutions. We partner with organizations to enhance operations, cybersecurity, and long-term growth through exceptional service.

Why Join Acture Solutions?
At Acture Solutions, we don't just support IT: we support people. As a trusted Managed Service Provider, we deliver secure, scalable technology solutions that help organizations thrive. We're committed to professional growth, high-quality work, and a workplace where your contributions matter.

What We Offer
This position is expected to pay between $95,000 and $125,000 per year (base salary). The actual base salary offered will be determined based on the candidate's experience, skills, certifications, geographic location, and internal equity. This range is based on a position located in New York State and is intended to cover candidates working in Hauppauge, Fishkill, and Albany, NY.

We offer a competitive benefits package with medical, dental, paid holidays, sick time, and generous DPTO.

Ready to Get Started?
If you're passionate about tech, love helping people, and want to grow your career in a role that makes a real difference, apply today.

Valid driver's license, background check, and fingerprinting required.

Schedule: Hybrid Monday-Friday 2:00 PM - 10:00 PM Eastern after onsite training (Monday-Friday 9:00 AM-5:00 PM Eastern) is completed.
On-Call Rotation Requirement