Senior Security Engineer

Senior Security Engineer

Requirements

• Bachelor’s Degree and five (5) or more years in the Information Technology field.
• Typical Degrees: Computer Science, Information Technology, Cybersecurity, Data Analytics, Mathematics, or related field(s).
• In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are acceptable.
• Three (3) or more years of experience should have been directly administering Splunk environments.
• Strong Linux and Windows proficiency.
• Strong understanding of security concepts and operations.
• Strong understanding of networking concepts and architecture.
• Experience with data visualization tools and strong analytical skills.
• Experience with Splunk Enterprise Security for 3 or more years.
• Experience with SOAR technologies.
• Experience with vulnerability management technologies.
• Experience PowerShell and Bash scripting.
• Experience with Python Scripting.
• Splunk Enterprise Certified Architect, and/or Consultant.
• Must be a citizen of the United States.

Responsibilities

• Responsible for advisory and technical support efforts in Splunk, Tenable, and Security orchestration.
• Perform engineering and architecting tasks required to onboard new Managed Services clients.
• Responsible for supporting the transition related to onboarding of Managed Services Clients.
• Perform engineering and architect tasks required to sustain existing Managed Services clients.
• Install, configure, troubleshoot, and optimize Splunk Enterprise Core and Splunk Enterprise Security.
• Develop Splunk searches, reports, alerts, and dashboards.
• Support development of advanced security use cases in Splunk Enterprise.
• Troubleshoot SOAR architecture and playbook configurations.
• Develop SOAR playbooks and content.
• Administer and develop client Tenable environments.
• Create and run Tenable scans, reports, and dashboards.
• Perform basic vulnerability analysis and develop recommendations for clients.
• Perform weekly health checks on client environments.
• Develop, implement, and improve upon onboarding and operational processes.
• Work to develop processes to support technologies at the direction of the MS Engineering Management team.
• Support other service and analyst teams as needed.
• Regularly meet with clients to drive forward engineering objectives.
• Proactively address and manage customer issues to help clients win.
• Provide technical direction, leadership and mentoring to junior MS Security Engineers in support of day-to-day operation.
• Provide architectural review and oversight for client operational projects.
• Maintain industry and vendor certifications required to support the Managed Services catalog.
• Work with the Engineering Leadership team to develop new service offerings.
• Perform evaluation of new technologies and develops operational processes to support these technologies at the direction of the MS Operational Engineering Manager.
• Assist in interviewing job candidates applying to the MS Security Engineering team.
• Remain up to date on global threat trends, vertical specific threat trends, new exploits, relevant vulnerabilities, and new zero-days.
• Use your advanced understanding of, and ability to communicate, security technologies to mitigate cyber risks.
• Develop recommendations and enhancements to mature a client’s cybersecurity program.
• Communicate and present to executive level client stakeholders.
• Required to participate in 24×7 rotation.
• Other duties and responsibilities as assigned by Engineering Leadership.

Preferred Qualifications

• Bachelor’s Degree and seven (7) or more years in the Information Technology field.
• Experience supporting security operations.
• Passion for security and customer service.
• Excellent written and verbal communication skills.
• The ability to make complex subjects understandable.
• Demonstrated ability to gain trust, collaborate and achieve shared objective.
• The drive to be successful and perform well in all aspects of your operational and strategic work.
• Has the flexibility to manage several projects and balance and prioritize work.
• A conversational understanding of security operations and cybersecurity.
• Exhibits an understanding of how business work and the impact of decisions on business results.