Detection and Monitoring Engineer

Kroger, Blue Ash, OH

About The Position

The Detection and Monitoring Engineer is responsible for data engine (Cribl) engineering duties, writing detections and automation playbooks, and maintaining our SIEM, SOAR and logging tools, with a focus on monitoring and detection. The role requires hands-on experience with Google SecOps and Cribl, as well as with GitHub, Python and other automation languages. Duties include responding to new logging tickets, assisting audit teams for PCI, SOX, HITRUST and other audits, and collaborating on logging with application and infrastructure teams, tool owners, the incident response team, network security and others. The engineer plans, designs and builds security architectures to ensure a strong security posture, compliance with regulations, and the safeguarding of customer data; manages information systems security, including disaster recovery, database protection, and software development; and demonstrates the company's core values of respect, honesty, integrity, diversity, inclusion and safety.

Requirements

  • Bachelor's degree in computer science, information systems, or a related technical field
  • Any of the common languages (e.g., Perl, Python, Ruby, shell scripting)
  • 5+ years of experience in a related security field
  • Proven ability to design and build scalable, high volume, and low latency applications
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)

Nice To Haves

  • Master's degree in computer science, information systems, or a related technical field
  • Detection/automation engineering (EDR, SIEM, SOAR, etc.)
  • Data engine concepts (Cribl)
  • Logging (Windows Event Logging, Syslog, Auditd, Sysmon, etc.)
  • Programming/scripting (Python, Go, JavaScript, Bash, PowerShell)
  • Git
  • Configuration management tools (Ansible)
  • Networking
  • Knowledge of:
      • MITRE ATT&CK
      • Common attack/exploitation patterns
      • Incident response strategies and procedures
      • Generative AI platforms (OpenAI, Anthropic, Google, Deepseek, Qwen, etc.)

Responsibilities

  • Oversee identity and access management, cloud security, cryptography, logging and alerting, security operations, malware detection, incident response, vulnerability scanning, penetration testing, security architecture, and digital forensics
  • Oversee the implementation of network and computer security and ensure compliance with corporate cybersecurity policies and procedures
  • Assist with the monitoring of all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software
  • Monitor server and firewall logs, scrutinize network traffic, establish and update vulnerability scans
  • Analyze and resolve complex security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required
  • Manage and ensure the security of databases and data transferred both internally and externally
  • Oversee penetration testing of all systems in order to identify system vulnerabilities; design, implement, and report on security system and end-user activity audits
  • Assist in developing new and modifying existing security policies and procedures to maintain compliance
  • Evaluate existing and recommend new and emerging security technologies
  • Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts
  • Must be able to perform the essential job functions of this position with or without reasonable accommodation

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees

© 2024 Teal Labs, Inc