Security Engineer

Job Description

Job Title:

Cybersecurity engineer

• 2+ years experience with SIEM (deploying, configuration, query languages)
• Experience with Linux virtual machines and Windows administration
• 2+ years experience with Python scripting and exposure to Azure Logic Apps (nice to have)

Since this role will be working mainly on the tool (SIEM) and not doing daily security analyst work, the candidate should be comfortable and experienced working out of the tool on a daily basis.

We are looking to hire a Cyber Security Engineer with an analytical mind and a detailed understanding of cyber security methodologies. Cyber Security Engineers are expected to have a meticulous attention to detail, outstanding problem‑solving skills, work comfortably under pressure and deliver on tight deadlines.

To ensure success, the Cyber Security Engineer must display an excellent understanding of SIEM administration and have familiarity with standard networking technologies such as firewalls, servers, IDS/IPS, to name a few. Top candidates will be comfortable working with a variety of technologies, security problems and troubleshooting of the tools.

What this role is not: It is not a role that performs SOC Analyst duties of threat detection and response.

What this role is: This role is primarily focused on the proper operation and ongoing innovation of the SOC platform and tools.

• Planning, implementing, managing, monitoring and upgrading security measures for the protection of the organization’s data, systems and networks.
• Taking lead on onboarding new Managed Security Services clients and deploying our standard SIEM package as well as other security solutions such as Vulnerability Management.
• Responsible for the proper operation of the SIEM tool(s) used, which includes trend analysis of logs, data source log collection health, proper triggering of rules, etc.
• Responsible for content creation within the SIEM, in the form of correlation rules, automation rules (SOAR), dashboards, etc.
• Assist SOC Analyst team on a daily basis for Indication of Compromise detection and identification of new use cases.
• Testing and identifying network and system vulnerabilities.
• Daily administrative tasks, reporting and communication with the relevant departments in the organization.
• Providing recommendations to leadership and challenging the status quo.

• A degree in Computer Science, Cyber Security, Systems Engineering or related experience.
• Minimum 2 years of work experience with incident detection and incident response.
• Minimum 2 years of SIEM administration and content creation within SIEM (correlation rules, queries, etc).
• Experience with Windows and Linux administration.
• Experience with the functionality of firewalls, operating systems security, cloud security, etc.
• Experience with Azure Sentinel a big plus.
• Experience with Azure Logic Apps a big plus.
• Proficiency in Python or Power Shell a big plus.
• Proficiency in Big Data a big plus.
• Ability to work under pressure in a fast‑paced environment.
• Strong attention to detail with an analytical mind and outstanding problem‑solving skills.
• Great awareness of cybersecurity trends and hacking techniques.
• Must be comfortable learning new technologies, tools, and processes.