Security Engineer

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, or related field OR equivalent experience as determined by Human Resources.
• 5 years of experience in security operations, engineering, or related technical field.
• Skills in developing and maintaining scripts in PowerShell, Python, or Bash.
• Demonstrated experience with SIEM platforms (e.g., Microsoft Sentinel, Trellix, Splunk, QRadar).
• Working knowledge of log management, Intrusion Detection System/Intrusion Prevention System (IDS/IPS), Endpoint Detection and Response (EDR), SOAR, NIST 800-53, 5.1, Center for Internet Security Controls, or other vulnerability management standards.
• Working knowledge of MITRE ATT&CK or other threat modeling frameworks (e.g., D3FEND, Cyber Kill Chain) and its application to detection logic, automation, and threat modeling.
• Strong analytical and problem solving skills to investigate complex security incidents, assess vulnerabilities, and design effective technical solutions.
• Excellent written and verbal communication skills.
• Experience with testing tools such as Nmap, SQLmap, Metasploit, Wireshark, Nessus, Burp Suite, or other similar tools.
• One Offensive Security Certification: (Offensive Security Certified Professional (OSCP), Offensive Security Experienced Penetration Tester (OSEP), Offensive Security Wireless Professional (OSWP), Offensive Security Web Assessor (OSWA), and Offensive Security Web Expert (OSWE).

Nice To Haves

• 7 Years experience
• Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC) GIAC Certified Incident Handler (GCIH) GIAC Certified Detection Analyst (GCDA), or Microsoft Cybersecurity Architect (SC-100).

Responsibilities

• Designs, implements, and maintains enterprise security tools including SIEM, Endpoint Detection Response (EDR), Data Loss Prevention (DLP), and vulnerability management systems.
• Integrates log sources and ensures end-to-end visibility across cloud and on-prem environments.
• Develops, tunes, and optimizes SIEM correlation rules, dashboards, and alerts.
• Designs and maintains SIEM/SOAR detection rules mapped to MITRE ATT&CK techniques to improve alert fidelity and adversary coverage.
• Incorporates ATT&CK-based logic into automation workflows and detection engineering initiatives.
• Supports incident response by performing root cause analysis and recommending mitigations.
• Conducts security assessments and assists in vulnerability remediation and patch validation.
• Performs secure code reviews and static code analysis (SAST) to identify vulnerabilities; provides remediation recommendations and targeted training.
• Automates routine security operations and compliance processes using scripting languages (PowerShell, Python, etc.).
• Conducts penetration testing of security tools, controls, and processes.
• Supports compliance evidence gathering for ARS, NIST, FISMA, and other applicable audits.
• Collaborate with IT teams to embed security best practices and ensure security controls align with compliance frameworks.
• Provide strategic recommendations for new security tools, process improvements, remediations, risk mitigation, and targeted security training based on penetration testing findings.
• Provides technical mentoring and training to analysts on detection and tuning techniques.
• Communicates complex security concepts to both technical teams and non-technical stakeholders.
• As assigned, provides after-hours support for security incidents as part of an on-call or escalation rotation.

Benefits

• Health, Dental and Vision Insurance
• Voluntary Insurance Plans
• Health Savings and Flexible Spending Accounts
• 401k and Company Match
• Company-paid Life Insurance
• Education Assistance Program
• Paid Sick Leave
• Paid Holidays
• Increasing PTO Accrual Plan
• Medical/Parental/Disability Leave
• Workers Compensation
• Retiree Benefits
• Severance Package
• Employee Assistance Program
• Financial and Health Wellness Benefits
• Casual Dress
• Open Office Setting
• Online Learning System