Senior Cybersecurity Engineer 🇺🇸

About The Position

Requirements

• 5-8 years of experience in Cybersecurity with a focus on: Log streaming Cybersecurity data lakes and data warehousing SOAR engineering SIEM engineering, administration, architecture, and operations Data science, statistical analysis, and threat detection development Integrating disparate IT, OT, and business applications into SIEM systems
• Bachelor's degree in Management Information Systems, Computer Science, or a related field
• A strong passion for Cybersecurity and a commitment to staying current with industry trends, best practices, and tools
• Proven experience in documenting, socializing, and operationalizing Cybersecurity technologies and processes
• Prior programming experience in Python, SQL, and Apache Spark
• Solid understanding of common attack techniques and their practical applications
• Demonstrated ability to work effectively across multiple teams, building cross-functional relationships with individuals of varying technical expertise
• A self-starter with a proven ability to thrive in fast-paced environments
• Strong technical communication skills, both written and verbal

Nice To Haves

• Prior experience with platforms like Databricks, Cribl, Tines, or other cybersecurity lakehouse providers

Responsibilities

• Utilize NDR, EDR, real-time streaming, and SIEM technologies to develop robust threat detection capabilities.
• Build and optimize detection rules leveraging real-time data streaming to enhance detection accuracy.
• Design enrichment pipelines and automation workflows to enhance the precision of threat detections.
• Develop correlation logic and automated processes to create high-fidelity threat alerts.
• Build compliance and recoverability of customer Data Analytics solutions, including SOPs, data onboarding, normalization, enrichment, and system maintenance.
• Create automation playbooks for incident triage and response.
• Align detection content with customer-specific Use Case Frameworks and provide metrics on cybersecurity threats impacting their environment.
• Collaborate with customer cybersecurity teams to cover gaps and enhance enterprise posture.
• Support enterprise Cybersecurity, Information Technology (IT), and Operational Technology (OT) teams by providing dashboards and other data exploration tools.
• Stay continually aware of emerging cybersecurity threats and trends, adapting detection strategies as needed.
• Work closely with customer teams, including Cybersecurity Operations Center (CSOC), Operational Technology (OT), and Incident Response (IR) teams, to ensure detections are actionable and relevant.
• Provide feedback to improve the customer's security framework and overall security monitoring strategy.