Our client is looking for a Mid/SR level Security Engineer who will be responsible for providing security architecture design and implementation, coordinating information security efforts within the company, and identifying security initiatives and standards for safeguarding information assets.
The Security Engineer is involved with establishing, implementing, and maintaining enterprise and cloud information security tools, including the procedures and policies designed to adequately protect their systems and assets from both internal and external threats.
Must-haves:
1) Able to connect Elastic databases to Splunk.
2) Must be experienced in a Linux environment.
3) Must be experienced in setting up Elastic DBs, not just a user.
4) Must have exceptional Python, Postgres and Splunk experience.
Sorry, not available for 3rd parties, C2C or other types of transfer/sponsorship. Green Card or US Citizen applicants only.
Job Responsibilities:
Design, develop and document industry best practices to support company initiatives while meeting performance and availability requirements.
Collaborate with Product, Operations and Engineering organizations to understand requirements and implementation impacts, and to develop security specifications around project initiatives.
Work with business colleagues to review RFPs, RFIs, etc., and provide security and risk-related input into proposals.
Provide guidance on prioritization and remediation of security issues.
Research new security technologies and adopt suitable best practices to solve industry obstacles and security threats.
Provide technical leadership within the area of expertise and mentor security staff.
Some travel may be required.
Skills & Competencies:
Proven ability to develop security plans that integrate directly with product and system development lifecycles.
Strong scripting skills required, including shell and interpreted languages.
Comprehensive knowledge of TCP/IP networking and client-server architecture and protocols.
Familiarity with network analysis tools such as Wireshark, Zeek, Corelight, and other traffic summarization utilities.
Education and Experience:
A Bachelor’s degree in information technology, or equivalent experience is required.
Advanced degree in a technology related field is a plus.
Minimum 5 years of experience in an information security role.
Experience in deploying and maintaining internal security systems such as IDS/IPS, WAF, FIM, DDoS protection and vulnerability scanners.
Experience in administering enterprise-level Linux servers and applications.
Experience with application/scripting tools (bash, Python).
Experience with leading incident response.
Experience with security automation.
Experience threat hunting in EDR telemetry data.
Experience with security in DevOps environments (secrets management, CI/CD pipeline integration, secure IaC, container security, etc.).
Experience in threat detection, monitoring, hunting, and forensics.
Experience with information sharing groups.
Experience with regulatory compliance frameworks and standards such as ISO, PCI and GDPR.
Experience with configuring and securing AWS cloud.
Experience with configuring Log Management/SIEM/SOAR tools.
Experience with configuring and deploying EDR, Antivirus, and security tools.
1+ years of experience with containers/Kubernetes (hands-on deployment/research). Extensive Kubernetes experience is a plus.
Experience working for an MSSP is a plus.
Technical security-related certifications are a plus:
Industry certifications such as GIAC, CISSP or CCIE.