Security Platforms Engineer

Impulse Space, Redondo Beach, CA
1d

About The Position

Impulse is looking for a Security Platforms Engineer to manage, maintain, and optimize enterprise security tools across endpoint, network, cloud, and monitoring environments. This role is responsible for administering platforms such as Microsoft Defender, Wiz CSPM, SIEM solutions, firewall security tools, and other endpoint and cloud security technologies. The Security Platforms Engineer will ensure security controls are properly implemented, operating effectively, and aligned with organizational security requirements. This person will investigate alerts generated by the SIEM, support security incident analysis, and collaborate closely with the SOC to improve detection logic, tune policies, and onboard relevant log sources for effective monitoring and response.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent practical experience.
  • Experience administering enterprise security tools such as Microsoft Defender, SIEM platforms, firewall security tools, endpoint detection and response tools, and cloud security platforms.

Nice To Haves

  • Hands-on experience investigating security alerts and supporting incident analysis.
  • Understanding of log sources, event correlation, detection engineering, and SIEM ingestion pipelines.
  • Knowledge of endpoint, network, identity, and cloud security controls.
  • Experience with Microsoft security technologies, including Microsoft Defender for Endpoint, Defender for Cloud, or related tools.
  • Familiarity with cloud security concepts and tools, including CSPM solutions such as Wiz.
  • Experience with SIEM platforms such as Microsoft Sentinel, Splunk, QRadar, or similar.
  • Familiarity with firewall technologies and network security monitoring.
  • Experience tuning detection rules and reducing false positive alerts.
  • Knowledge of MITRE ATT&CK, threat detection methodologies, and security operations best practices.
  • Relevant certifications such as Security+, CySA+, SC-200, AZ-500, CISSP, GCIA, GCIH, or similar.
  • Ability to work cross-functionally with SOC, infrastructure, cloud, and engineering teams.
  • Strong troubleshooting, analytical, and documentation skills.

Skills

  • Security tool administration
  • SIEM monitoring and alert investigation
  • Detection tuning and policy enhancement
  • Log onboarding and ingestion support
  • Cloud and endpoint security
  • Cross-functional collaboration
  • Incident support and technical analysis

Responsibilities

  • Administer and maintain security platforms, including Microsoft Defender, Wiz CSPM, SIEM tools, firewall security solutions, and other endpoint and cloud security technologies.
  • Ensure security controls are implemented, operational, and functioning as intended across cloud, endpoint, and network environments.
  • Monitor, triage, and investigate alerts generated by the SIEM and other security tools.
  • Partner with the SOC to improve detection coverage, reduce false positives, and enhance alert fidelity.
  • Assist in developing, tuning, and maintaining SIEM use cases, correlation rules, dashboards, and detection policies.
  • Work with infrastructure, cloud, and application teams to configure and validate log collection and ingestion into the SIEM.
  • Support onboarding of new log sources and ensure logging is complete, normalized, and actionable for monitoring and investigations.
  • Validate tool health, integration status, and telemetry flow across the security stack.
  • Perform regular reviews of security tool configurations and recommend improvements to strengthen visibility and control effectiveness.
  • Support incident response activities by providing tool expertise, investigative analysis, and technical troubleshooting.
  • Document security tool configurations, processes, alert handling procedures, and operational standards.
  • Identify gaps in monitoring, detection, and control coverage, and recommend remediation actions.
  • Collaborate with internal stakeholders to support compliance, audit, and risk management requirements related to security tooling and monitoring.

Benefits

  • Long-term incentives, in the form of stock options
  • Access to medical, vision, and dental coverage
  • Access to a 401(k) retirement plan
© 2024 Teal Labs, Inc