CYBERSECURITY ENGINEER - 72004172 1

State of Florida
Onsite

About The Position

The Cybersecurity Engineer provides hands-on technical support for the development, implementation, and sustainment of enterprise security tooling and telemetry pipelines that enable SOC detection, analysis, and incident response operations. This role is responsible for configuring, maintaining, and optimizing security platforms, detections, and data flows to ensure accurate, reliable, and actionable security monitoring. Working under the direction of the Engineering Team Lead, the Cybersecurity Engineer supports both current-state enterprise security platforms and the transition to modernized, integrated SOC tooling. The role requires practical experience with security technologies, telemetry sources, and detection logic, as well as the ability to troubleshoot technical issues and support operational workflows.

Requirements

  • Knowledge of security platform technologies, including SIEM, SOAR, security data platforms, and detection systems.
  • Knowledge of security telemetry sources across endpoint, identity, network, cloud, and application domains.
  • Knowledge of detection engineering concepts, including correlation logic, thresholds, enrichment, and alerting behavior.
  • Knowledge of data pipeline concepts, including ingestion, normalization, parsing, and retention of security data.
  • Knowledge of systems security principles related to monitoring, detection, and response.
  • Knowledge of incident response processes and the role of engineering support in investigations.
  • Knowledge of configuration management and change management practices for security tooling.
  • Basic understanding of enterprise architecture principles and integration patterns.
  • Skill in configuring, maintaining, and troubleshooting security tools and integrations.
  • Skill in developing and tuning detection rules within SIEM or similar platforms.
  • Skill in analyzing telemetry data to support detection, investigation, and troubleshooting activities.
  • Skill in troubleshooting data pipeline and integration issues affecting detection and visibility.
  • Skill in supporting incident response efforts through technical analysis and tooling support.
  • Skill in implementing changes in accordance with established processes and procedures.
  • Skill in documenting technical configurations, procedures, and troubleshooting steps.
  • Skill in collaborating with analysts and engineers to resolve issues and improve workflows.
  • Ability to apply technical knowledge to support reliable operation of security platforms and telemetry pipelines.
  • Ability to translate detection requirements into effective technical implementations.
  • Ability to identify and resolve technical issues affecting detection accuracy and platform performance.
  • Ability to work effectively in a fast-paced operational environment supporting SOC activities.
  • Ability to follow established engineering processes while contributing to continuous improvement.
  • Ability to adapt to evolving technologies, tools, and operational requirements.
  • Ability to communicate technical information clearly to team members and stakeholders.
  • Ability to support both legacy systems and modernization efforts within a transitioning environment.
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related field; equivalent professional experience may be considered in lieu of a degree.
  • 3+ years of experience in cybersecurity engineering, security operations, or related technical roles.
  • Hands-on experience configuring or supporting security tools such as SIEM, EDR, SOAR, or log/data platforms.
  • Experience working with security telemetry, logs, or data pipelines used for monitoring and detection.
  • Demonstrated experience developing, tuning, or supporting detection rules or alerting logic in a SOC or similar environment.
  • Experience troubleshooting technical issues involving security tools, integrations, or data quality.
  • Familiarity with incident response processes and supporting tooling or data requirements.
  • Experience following change management or configuration management processes.
  • Strong written and verbal communication skills.
  • Ability to sit for extended periods of time.
  • Ability to stand for extended periods of time.
  • Ability to drive and/or fly for long distances.
  • Ability to lift, push and pull up to 30lbs.

Nice To Haves

  • Relevant professional certifications such as CISSP, CCSP, cloud security certifications, or equivalent.

Responsibilities

  • Configure, maintain, and support enterprise security tools, including SIEM, data platforms, SOAR, and related detection and telemetry systems.
  • Support ingestion, parsing, normalization, and retention of security telemetry to ensure data is usable for detection and investigation.
  • Monitor performance and availability of security tooling and identify issues impacting SOC operations.
  • Assist in evaluating telemetry sources for relevance, quality, and operational usefulness.
  • Develop, implement, and maintain SIEM detections using structured detection logic and defined standards.
  • Support tuning and validation of detection rules to improve accuracy, reduce false positives, and ensure operational effectiveness.
  • Assist in translating detection requirements into platform-specific implementations.
  • Support testing and validation of detections and telemetry pipelines in development and production environments.
  • Support day-to-day engineering operations that enable SOC detection, response, and analytic workflows.
  • Troubleshoot and resolve technical issues related to security tools, integrations, and telemetry pipelines.
  • Assist in root-cause analysis of detection failures, data gaps, or platform issues.
  • Provide technical support during incident response activities where tooling or telemetry expertise is required.
  • Implement and maintain configurations for security tools and integrations in alignment with established standards and architecture.
  • Support deployment, updates, and lifecycle management of detections, data sources, and platform components.
  • Assist in integrating new telemetry sources and security capabilities into existing platforms.
  • Follow established change management and configuration management processes.
  • Develop and maintain technical documentation, runbooks, and standard operating procedures.
  • Identify opportunities to improve detection coverage, telemetry quality, and platform performance.
  • Support continuous improvement initiatives related to security tooling, engineering processes, and SOC enablement.
  • Participate in testing and validation of new tools, features, or integrations.
  • Work with SOC analysts to understand detection requirements and operational challenges.
  • Coordinate with engineering and architecture teams to support implementation of new capabilities.
  • Collaborate with IT, data, and cybersecurity teams to support integrations and enterprise initiatives.
  • Participate in team activities, projects, and knowledge-sharing efforts.
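As an added example (not part of this posting, and not code from the State of Florida or its SOC), the following Python sketches the concepts the Requirements and Responsibilities lists name together: parsing two raw log formats into one normalized schema, enriching events with a privileged-account lookup, a threshold-and-correlation rule with a sliding time window, and an allowlist used to tune out a known false positive. Every log line, account name, IP address, and lookup table below is constructed sample data; the rule name, field names, and tables are assumptions for illustration.

```python
"""Added example (not part of the job posting): a miniature detection pipeline
covering parsing, normalization, enrichment, a threshold/correlation rule and an
allowlist used for false-positive tuning. Every log line, account name, IP
address and lookup table here is constructed sample data."""
import json
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed raw telemetry in two formats: syslog-style sshd lines with ISO
# timestamps, and JSON sign-in events from a hypothetical identity provider.
RAW_LINES = [
    "2024-05-01T10:00:01Z sshd[812]: Failed password for alice from 203.0.113.5 port 51000 ssh2",
    "2024-05-01T10:00:03Z sshd[812]: Failed password for alice from 203.0.113.5 port 51001 ssh2",
    "2024-05-01T10:00:05Z sshd[812]: Failed password for alice from 203.0.113.5 port 51002 ssh2",
    "2024-05-01T10:00:09Z sshd[812]: Accepted password for alice from 203.0.113.5 port 51003 ssh2",
    '{"ts": "2024-05-01T10:05:00Z", "user": "svc-backup", "ip": "198.51.100.9", "result": "FAILURE"}',
    '{"ts": "2024-05-01T10:05:02Z", "user": "svc-backup", "ip": "198.51.100.9", "result": "FAILURE"}',
    '{"ts": "2024-05-01T10:05:04Z", "user": "svc-backup", "ip": "198.51.100.9", "result": "FAILURE"}',
    '{"ts": "2024-05-01T10:05:06Z", "user": "svc-backup", "ip": "198.51.100.9", "result": "SUCCESS"}',
    # Authorized credentialed scanner: same pattern, expected behaviour.
    "2024-05-01T10:15:00Z sshd[950]: Failed password for scanner from 192.0.2.200 port 33000 ssh2",
    "2024-05-01T10:15:01Z sshd[950]: Failed password for scanner from 192.0.2.200 port 33001 ssh2",
    "2024-05-01T10:15:02Z sshd[950]: Failed password for scanner from 192.0.2.200 port 33002 ssh2",
    "2024-05-01T10:15:05Z sshd[950]: Accepted password for scanner from 192.0.2.200 port 33003 ssh2",
    # Slow failures spread over 40 minutes: only a wide window should catch these.
    "2024-05-01T10:20:00Z sshd[900]: Failed password for bob from 192.0.2.77 port 40000 ssh2",
    "2024-05-01T10:30:00Z sshd[900]: Failed password for bob from 192.0.2.77 port 40001 ssh2",
    "2024-05-01T10:40:00Z sshd[900]: Failed password for bob from 192.0.2.77 port 40002 ssh2",
    "2024-05-01T11:00:00Z sshd[900]: Accepted password for bob from 192.0.2.77 port 40003 ssh2",
    # A line the parser does not understand: reported as a gap, not silently dropped.
    "2024-05-01T10:50:00Z kernel: eth0 link is up",
]

SSH_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?P<user>\S+) from (?P<ip>\S+)"
)

# Constructed enrichment and tuning tables (assumed; in a real pipeline these come
# from an asset/identity inventory and the SOC's maintained exception list).
PRIVILEGED_USERS = {"svc-backup"}
ALLOWLISTED_IPS = {"192.0.2.200"}


def _ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def parse_event(line):
    """Normalize one raw line to {ts, user, src_ip, outcome, source}; None if unparsed."""
    line = line.strip()
    if line.startswith("{"):
        d = json.loads(line)
        return {"ts": _ts(d["ts"]), "user": d["user"], "src_ip": d["ip"],
                "outcome": "success" if d["result"] == "SUCCESS" else "failure",
                "source": "idp"}
    m = SSH_RE.match(line)
    if m is None:
        return None
    return {"ts": _ts(m["ts"]), "user": m["user"], "src_ip": m["ip"],
            "outcome": "success" if m["outcome"] == "Accepted" else "failure",
            "source": "sshd"}


def parse_events(lines):
    """Return (normalized events, count of unparsed lines) so data gaps are visible."""
    events, unparsed = [], 0
    for line in lines:
        e = parse_event(line)
        if e is None:
            unparsed += 1
        else:
            events.append(e)
    return events, unparsed


def detect_bruteforce_success(events, threshold=3, window_seconds=60, allowlist=ALLOWLISTED_IPS):
    """Correlation rule: >= threshold failures for one (src_ip, user) followed by a
    success, all within window_seconds. Severity is enriched from PRIVILEGED_USERS;
    allowlisted sources are suppressed (tuning), not merely downgraded."""
    failures = defaultdict(list)  # (src_ip, user) -> failure timestamps still in window
    alerts = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        key = (e["src_ip"], e["user"])
        recent = [t for t in failures[key] if (e["ts"] - t).total_seconds() <= window_seconds]
        if e["outcome"] == "failure":
            failures[key] = recent + [e["ts"]]
            continue
        failures[key] = []  # a success resets the counter for this pair
        if len(recent) >= threshold and e["src_ip"] not in allowlist:
            alerts.append({
                "rule": "bruteforce_then_success",
                "user": e["user"], "src_ip": e["src_ip"], "source": e["source"],
                "failures": len(recent),
                "severity": "high" if e["user"] in PRIVILEGED_USERS else "medium",
            })
    return alerts


if __name__ == "__main__":
    evs, gaps = parse_events(RAW_LINES)
    print(f"{len(evs)} events parsed, {gaps} unparsed")
    for a in detect_bruteforce_success(evs):
        print(a)
```

With the defaults the rule fires twice (alice at medium, the privileged svc-backup account at high), the allowlisted scanner is suppressed, and bob's slow attempts stay under the 60-second window; widening the window to an hour catches bob, and raising the threshold to 4 silences everything, which is exactly the kind of tuning trade-off that validation against known-good and known-bad samples is meant to expose before a rule reaches production. The unparsed-line counter is there because a parser that drops what it cannot read produces a silent visibility gap rather than an error.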
© 2026 Teal Labs, Inc