Sr. Cyber Security Engineer (SIEM/MEDR)

Overview

Senior Cybersecurity Engineer - Endpoint Detection and Response is expected to possess a high level of knowledge and experience in various security domains and technologies with a focus on advanced endpoint protection, detection and response.

This resource will work closely with the defensive managed security services team to design, deploy, and support a new Endpoint Detection and Response (EDR) platform as part of a larger Managed EDR service offering.

This position is tasked with lifecycle ownership of the environment and works closely with Security Operations Center and back-office MSS teams.

This role includes design, implementation and operational responsibilities for the MEDR service line.

Scroll down to find an indepth overview of this job, and what is expected of candidates Make an application by clicking on the Apply button.

Please note the working hours required for this will be 12pm-8 : 30pm EST / 9am-5 : 30pm PST

Responsibilities

• Lead the design, deployment, support and maturation of new and existing managed security services focused on endpoint protection.
• Detailed documentation of solutions and services that includes runbooks, network diagrams, process flows and escalation.
• Determine security requirements by evaluating business strategies and requirements; researching information security standards;

evaluating architecture / platforms; identifying integration issues; preparing cost estimates.

• Provide guidance, technical, and troubleshooting support for managed security services offerings.
• Develop, maintain, and deliver training material for the MEDR program.
• Build strong cross-functional relationships with other All Covered teams, as well as with external partners, peers, and professional organizations.
• Maintain quality assurance through adherence to established processes, procedures, baselines, and standards.
• Define action plans that are easy to implement, effective at reducing risk, and utilize existing people, processes, and technologies.
• Mentorship of other team members.
• Fully understand and support the organization's vision, core values, goals, and objectives.

Qualifications

• 5+ years of experience in Endpoint Protection Technologies, Endpoint Detection and Response, Application White-Listing, Anti-Virus, Anti-Malware, etc.
• Experience in delivering projects related to security technology implementation, security architecture design, and overall security technology positioning.
• Experience within a Managed Security Service Provider (MSSP) environment.
• Understanding of security technologies, including vulnerability management solutions, CASB, NAC, DLP, VPN's, Endpoint solutions, Privileged Access, and general network / security background.
• 5+ years working with operational information security disciplines (e.g., incident response, security infrastructure management, or monitoring services).
• 2+ years of direct experience in the identification, development, modification, and ongoing management of enterprise-level response-based playbooks is required.
• Proficiency in operating systems including Microsoft Windows, RHES, CentOS, Ubuntu Linux, and MacOS.
• BA or BS degree or equivalent combination of relevant education and experience.
• 5-7+ years' experience in the information security field.
• Experience with a SOAR platform, including playbook / runbook creation as well as development of Python code that drives the automation of repeatable response processes.
• Experience with EDR - SentinelOne and SIEM - Google Chronical preferred.
• Ability to multi-task and manage multiple priorities.
• Ability to deal with changing priorities to complete tasks in a short period of time.
• Exceptional organizational and time management skills.
• Solid commitment to customer service with good initiative and follow-through.
• Comfortable interacting at all levels within an organization.
• Superior writing, communication, and documentation skills.
• Strong business acumen and a drive toward business growth.
• Discipline to work remotely and communicate clearly.

J-18808-Ljbffr