Security Engineer

Security Engineer Contractor

Pay: $50-60/hr
Location: 100% remote, EST or CST preferred 
Schedule: M-F, normal business hours 
Job Type: Contract  
About the Client
 
One of the fastest growing cloud solution providers in Europe with a lot of projects ongoing. We are searching for a Senior Engineer to join the team. The candidate will be one of the leaders of a team of that delivers a range of advisory and technology services to our clients. This is a great opportunity to become involved in a dynamic and rapidly growing team delivering a leading range of professional services offering.

 Responsibilities:

• Develop content for a complex and growing SIEM infrastructure. This includes use cases, dashboards, active channels, reports, rules, filters, trends and active lab sessions.
• Use SIEM in the daily operational work which includes but not limited to administer, operate, manage SIEM platform and regular activities of ensuring the health of log sources, parsers, alerts, reports etc. and enduring that the platform is operating as planned.
• Monitor SIEM and other event sources, assess, prioritize, escalate and manage security alerts.
• Perform analysis of security, network database and application logs, correlate events and activities to create threat scenarios in order to get ahead of threat actors and reduce the exposure.
• Translate threat intelligence into actionable security across tools such as firewall, IPS and malware detection across multiple security vendor platforms.
• Track and resolve security incidents on regular frequencies and collaborate with other teams for resolution and suggest areas for improvement.
• Must have some experience building custom connectors/parsers etc. to point devices or IT assets that are not supported out of the box.
• Own and operate most important security solutions designed to protect the company from cyber threats and attacks.
• Lead in deploying new solutions and technologies to improve the security posture of the company.
• Continuous fine-tuning of our security solutions to reduce the occurrence of false positive and false negative alerts.
• Working knowledge and experience with the MITRE framework for cyber adversary tactics and techniques

• Experience supporting and administering Splunk

• Prior experience working with SIEM or EDR – E.g. SPLUNK, IBM QRadar, Sentinel, Rapid7, Carbon Black, ZScaler and Proofpoint
• Industry recognized certifications – E.g. CompTIA Security+, CySA+, Microsoft SC-200
• Demonstrated knowledge of TCP/IP networking and major protocols such as: HTTP, SSL/TLS, DNS, SMTP
• An understanding or proficiency in information security and compliance regulations (ISO 27001, PCI DSS, GDPR)