Senior Security Engineer

About The Position

Requirements

• 1+ years of experience in cybersecurity, incident response, or security operations.
• Hands-on experience responding to security incidents in enterprise environments.
• Strong ability to analyze security events and perform technical investigations.
• Working knowledge of: TCP/IP, DNS, HTTP/S, VPNs, firewalls, and proxy technologies
• Windows and Linux operating systems
• Identity and access systems and authentication mechanisms
• Experience using SIEM and security platforms such as: Splunk, Microsoft Sentinel, QRadar, ArcSight, ELK, or similar
• Ability to identify and respond to: Phishing and business email compromise Malware and ransomware Credential compromise Lateral movement and persistence mechanisms Brute-force and privilege escalation attacks
• Strong written and verbal communication skills, especially during high-pressure incidents.
• Demonstrated ability to follow structured processes while continuously improving them.

Nice To Haves

• Experience with EDR, SOAR, and forensic tooling (e.g. CrowdStrike, Defender, Carbon Black, EnCase, Velociraptor, etc.).
• Experience supporting investigations involving legal, compliance, or regulatory stakeholders.
• Knowledge of MITRE ATT&CK and modern adversary tactics.
• Experience with cloud and SaaS incident response (Azure, M365, AWS, etc.).
• Relevant certifications, including: GIAC (GCIH, GCFA, GCIA) Offensive Security (OSCP, OSCE, OSEE) Vendor certifications (Splunk, Sentinel, CrowdStrike, etc.)

Responsibilities

• Lead and support end-to-end incident response activities, including detection, analysis, containment, eradication, and recovery.
• Monitor, investigate, and correlate security alerts using SIEM, EDR, and forensic tools.
• Perform digital forensic investigations across endpoints, servers, cloud, and network environments.
• Triage and escalate security events in accordance with established incident response procedures.
• Develop, maintain, and continuously improve incident response playbooks, SOPs, and workflows.
• Improve alert quality and response effectiveness through root cause analysis and post-incident reviews.
• Partner with IT, Legal, Compliance, Privacy, and Risk teams during security incidents.
• Support regulatory, legal, and client-driven incident response and reporting requirements.
• Participate in and facilitate incident response tabletop exercises and simulations.
• Contribute to the design and enhancement of detection, logging, and monitoring capabilities.
• Provide technical guidance and mentorship to junior analysts and security team members.

Benefits

• Fragomen is committed to promoting diversity, inclusion and equal opportunity for all employees and applicants, regardless of race, ethnicity, heritage, gender, age, religion, disability, sexual orientation, gender identity or intersex status.
• Our #FragomenWorks program provides the ability to be successful at home or in the office, via Hybrid & Remote work arrangements.
• Our Feedback Works process includes three managerial check-ins per year to help you progress in your career.
• Unique learning programs like: Fragomen Academy, Leadership Academy, Practical Management Academy, and Regional Development Conferences.