Seeking Security Engineer to join growing Security Operations (SecOps) team. You will be responsible for the implementation lifecycle and administration of security hardware, software, and documentation required to support SecOps. Ideal candidate has an in-depth understanding of cyber security and networking, the ability to deploy applicable tools, and solid communication skills.
- Implement and manage the tools, tactics, and techniques that will be used to protect and monitor the on-prem and cloud infrastructure for unauthorized activities. This may include, but is not limited to, Splunk, endpoint security applications, vulnerability scanning tools, and other cloud-based security tools deployed across the environment.
- Assist in developing and maintaining system documentation as it pertains to continuous monitoring capabilities and their implementation.
- Perform health, wellness, and availability monitoring of tools within the hosted information systems and address any issues in a timely manner.
- Provide reporting and metrics of the managed systems.
- Hands-on engineering role supporting security operations / SOC. While the position is not an Analyst role, you will work closely with Analysts on the SecOps Team, and an understanding of the cyber threat landscape and the analysis and incident response process will be key for this role.
- Bachelor’s Degree in Cyber Security/Computer Science or equivalent combination of related work experience desired, or 5+ years of verifiable experience in a Security Engineering role; SOC experience a plus.
- Linux and Windows – Strong knowledge
- Broad experience with common off-the-shelf (COTS) and open-source security tools.
- Experience troubleshooting platform/data availability and quality issues.
- Drive remediation efforts during logging outages/issues.
- Effective problem solving and analytical skills.
- Ability and willingness to work in a very technical fast-paced environment.
- Experience and proficiency with writing guidelines, processes and procedural documentation.
- Participate in project conference calls with engineering and operations stakeholders.
- Ability to work independently with little supervision.
- Splunk Certifications (e.g. Power User, Advanced Power User, Security Admin, etc.).
- IT Security certifications (GSEC, GCIH, GMON, etc.) a plus.
- Knowledge of Cloud technologies (AWS, GCP, Azure, etc.) and the use of security tools in the cloud.
- Experience with supporting a Security Operations Center.
- Experience with containerization and cloud orchestration solutions.