Senior Security Engineer

United States - Remote


Description

Anywhere, US (100% Remote)
Long-Term Contract

Role Responsibilities & Day to Day:

Initial Phase:

  • Spend the first few months understanding the team and the environment at our client.

  • Acquaint yourself with internal processes and team operations.

Core Responsibilities (Day to Day):

  • Evaluate security gaps using EDR tools to identify missing components in the security tool stack.

  • Respond to security events and alerts. If an alert escalates to an incident, manage the follow-up and coordinate with the involved teams.

Additional Tasks:

  • Some vulnerability assessment work may be required, but the primary focus is on threat detection and incident response.

Required Experience:

  • Minimum of 5 years of experience at a senior level.

  • Extensive experience with threat hunting, incident response, and EDR tools (Carbon Black, CrowdStrike, Trellix).

  • Strong experience with AWS (Azure experience is a plus, but less critical than AWS).

  • Proficiency in scripting (Python/PowerShell) is highly desirable.

  • Significant experience with Splunk; candidates with solid Splunk expertise are preferred.

Technical Skills:

  • Hands-on technical understanding of network fundamentals and common Internet protocols.

  • Technical understanding of the information security threat landscape, including attack vectors, tools, and best practices for securing systems and networks.

  • Experience as a security incident automation analyst, performing all aspects of the incident response process successfully.

  • Capability to write scripts and code in Python and PowerShell; Java is a plus.

  • Strong verbal and written communication skills, effective with both technical and non-technical staff.

  • Experience using SIEM or logging tools, creating complex queries, alerts, and dashboards.

Desired Skills:

  • Knowledge of various cloud environments (AWS, Azure, etc.) and their respective APIs.

  • Operational experience with monitoring devices such as network and host-based intrusion detection systems, web application firewalls, NextGen firewalls, antivirus systems, proxy servers, file integrity monitoring tools, and operating system logs.

  • Investigative, problem-solving, and analytical skills.

  • Knowledge of EDR and Network security tools.

  • Technical security certifications like Security+, Ethical Hacking, or SANS/GIAC are a plus.


Perks/benefits: Team events

Regions: Remote/Anywhere North America
Country: United States
