Senior Security Engineer

About The Position

Requirements

• Preferred 4+ years of cybersecurity experience or comparable IT experience working in collaboration with an InfoSec Organization.
• Experience investigating cybersecurity events and incidents using a full suite of alerting and response tools, digital forensic or malware analysis tools.
• Experience with one major SIEM system; Splunk is preferred. Write Splunk Search Processing Language (SPL) queries for alerts, create dashboards and produce reports and metrics.
• Strong understanding of networking basics, including firewall, Web Application Firewall (WAF), experience with Virtual Private Cloud (VPC), and Zero Trust Networking (ZTN).
• Firsthand experience with Vulnerability Management preferably Rapid7, perform scans, produce reports, and track remediation.
• Experience with Endpoint Detection and Response preferably CrowdStrike Falcon and Cloud Security Posture Management, write policies, triage alerts, and deploy agents.
• Experience with Identity Access Management preferably Entra ID; configuring SSO, user/group management, user access review, multi factor authentication (MFA), etc.
• Experience with zero trust networking preferably Zscaler Private Access to create connectors, applications, policies, and troubleshooting.
• Strong familiarity with NIST 800-53 (Rev-5).
• Strong familiarity with ISO27001.
• Strong Project Management skills (PMP, Six Sigma, or Agile).
• Strong communications skills (collaborating with employees at all levels).

Nice To Haves

• CISSP, GIAC, and or AWS Certified Security Specialty a plus.

Responsibilities

• Assess, triage, and prioritize security alerts from logging and monitoring systems.
• Incident response management and breach mitigation.
• Conduct vulnerability assessment, determine deviations from acceptable configurations, and assess the level of risk; recommend appropriate mitigation countermeasures.
• Work in collaboration with Legal, Compliance, HR on Discovery and Investigations requests.
• Work in collaboration with IT, Cloud Operations, and Engineering Teams to secure our AWS environment.
• Design, implement, configure, support, and maintain security and IT solutions and tools (e.g., Security Information Event Management (SIEM), Identity Access Management (IAM), Mobile Device Management (MDM), Endpoint Detection and Response (EDR), Vulnerability Management, Zero Trust Networking (ZTN), Data Loss Prevention (DLP)).
• Keep abreast of tools, techniques, and process improvements in support of security detection and analysis in accordance with current and emerging threat and attack vectors.
• Lead digital forensic activities including collecting, processing, preserve, analyze, and present evidence in support of vulnerability mitigation, and investigations.
• Perform cyber defense analysis by using data collected from a variety of cyber defense tools (e.g., Intrusion Detection System (IDS), alerts, firewalls, AWS Cloud Trails) to analyze events for the purposes of mitigating threats.
• Help mature and maintain an Incident Response Program.
• Develop playbooks, work instructions, process flow, Risk Assessments, and automation solutions.
• Evidence and artifact collection and articulation for purpose of Audit and Accreditations.
• Contributes to Executive Presentations of the InfoSec state and environment.
• Will require working nights (at times), weekends (at times), or holidays (at times) on a rotational basis with the rest of the team to ensure 24x7 coverage.
• Supports our CISO in additional security initiatives and projects, as needed.

Benefits

• Comprehensive health insurance, encompassing dental and vision coverage
• Contribute to Health Savings Account (HSA) accounts for all enrolled employees on an annual basis.
• Comprehensive Employee Assistance Program
• 401k plan and match
• Employee Stock Purchase Plan (ESPP)
• Unlimited Paid Time Off + 10 Holiday Days a Year
• Parental Leave
• Competitive salaried compensation
• Equity