Senior Cyber Security Engineer

Company: Arrowstreet Capital
Location: Boston, MA, USA
Salary: Not Provided
Type: Full-Time
Degrees:
Experience Level: Senior, Expert or higher

Requirements

  • Minimum of 5-10 years of experience in cybersecurity, with a focus on security operations, SIEM, or SOAR platforms.
  • Hands-on experience with leading SIEM solutions such as Splunk, Palo Alto XSIAM, Securonix, Microsoft Sentinel or others.
  • Experience in security monitoring, threat detection, and incident response.
  • Proficient in scripting languages (e.g., Python, PowerShell) for automation and integration tasks.
  • Strong understanding of security operations, threat intelligence, incident response, and risk management.
  • Familiarity with common security frameworks and compliance standards (e.g., NIST, ISO 27001, GDPR, etc.).
  • Solid understanding of the MITRE ATT&CK framework's TTPs, with the ability to map defensive controls to them.
  • Expertise in cyber security tools, firewalls, IDS/IPS, endpoint security, and network security technologies.
  • Expertise in native security tools and concepts within cloud native environments such as AWS, GCP or Azure.
  • Proficiency and autonomy in leading large-scale programs with little to no oversight.
  • Understanding / proficiency in applications, containerization, APIs, web services.
  • Experience with forensic investigations, leveraging collected information to understand vectors and provide required remediations.
  • Understanding of the latest techniques used by threat actors.

Responsibilities

  • Manage, configure, and optimize our platforms to enhance incident detection, response, and automation workflows.
  • Design and implement automated workflows to reduce the time to detect and respond to security incidents.
  • Work closely with cross-functional IT and cyber risk teams to ensure that security policies and procedures align with business objectives.
  • Provide detailed reporting on security operations and improvement metrics.
  • Continuously improve our platforms by identifying gaps, implementing new features, and staying up-to-date on emerging security threats and technologies.
  • Develop and maintain documentation for processes, workflows, and response automations.
  • Provide necessary training and mentorship to team members.
  • Act as internal expert on matters relating to intrusion detection and incident response.
  • Operate security monitoring and incident response toolsets with a focus on continuous improvement and expansion.
  • Lead investigations into network intrusions and other cyber security matters.
  • Provide a coordinated response to complex cyber-attacks that threaten the company's assets, intellectual property, and computer systems.
  • Contribute to the development and improvement of security monitoring and incident response processes and solutions as required to support our cyber security program.
  • Research and recommend solutions for cyber security program and incident response.
  • Ensure our platforms maintain the most current and optimal configurations to combat advanced and modern-day attacks and threats.
  • Partake in a team rotation of CSIRT responsibilities.

Preferred Qualifications

    No preferred qualifications provided.