Job Description

Summary

We are looking for an experienced security engineer with expertise in two major areas. First, someone with exposure to a full SIEM stack, from log ingestion to storage, maintenance, rules, alerting and automated response. This includes tying a variety of systems together and writing some custom code to enable use cases. Second, you have experience with vulnerability management and the entire range of technology that comes with it, from endpoints to servers to cloud. You choose automation over manual work. You care about quality, comprehensiveness and correctness.

Responsibilities:

  1. Tie together disparate security tools
  2. SOAR / Automate response to security events
  3. Care and feeding of SIEM stack
  4. Support SOC analysts in their monitoring needs
  5. Review critical alerts during normal business hours
  6. Write MITRE ATT&CK rules
  7. From time to time you may be asked to work on special information security projects that require the ability to script or code.

Qualifications:

  1. 4+ years of information security experience
  2. Experience maintaining an entire SIEM stack; preference for open source and in-house solutions
  3. Experience implementing all the technical aspects of vulnerability management
  4. Experience writing alerting rules AND maintaining them
  5. Solid exposure to Kubernetes
  6. Confident in AWS/Cloud
  7. Comfortable with Linux
  8. Can write in Python, or other common language; comfortable in modern development environments
  9. Strong communication skills
  10. Proven ability to write documentation on work performed

Skills
  • AWS
  • Communications Skills
  • Development
  • Python
© 2024 cryptojobs.com. All rights reserved.