NO SPONSORSHIP
EXPERTY CYBER DEFENSE ENGINEER
SALARY:$200k - $250k plus 20% bonus
LOCATION: REMOTE EXCEPT AK, ND, NE, HI, OK, VT, ME, WY, NH, PUERTO RICO
EXPERTY CYBER DEFENSE ENGINEER - Python Automation, Detection engineering, Detecting malicious use of PowerShell Scripting, XSOAR platforms. They run a hybrid environment (azure and on-premise) so knowledge of cloud. Writing analytics to detect malicious activity in the cloud. Log data The second interview is a technical skills assessment where you will troubleshoot some code and discuss specific applications of detection engineering.
I am looking for a combination engineer/developer and a SOC/SOAR engineer. Python Scripting, not application development. Heavy automation, Security detection, investigations, log analysis, managing the platform with Spunk, VMWares, CrowdStrike, cyber tools,etc. Must be willing to do on-call rotation every 8 weeks AI/ML is a plus Dashboarding is a plus Heavy Splunk is nice to have but will look at others
Job Description
We are seeking an experienced Cybersecurity Defense Engineer to join the cybersecurity engineering team. You will architect, develop, and implement advanced technical solutions that empower our cyber defense investigations and incident response teams. You will work independently and in teams to design and implement effective and sustainable capabilities to detect and prevent cyber-attacks, optimize our incident response processes, and enhance the effectiveness of mitigation, containment, and recovery.
Qualifications
- Bachelors degree. Relevant experience and relevant experience within the military is acceptable in lieu of a degree.
- 8+ years of experience in one or more of the following areas: cybersecurity engineering, detection engineering, incident response, or a similar role, with a proven track record of independent problem solving in high-stakes environments.
- Significant experience using Python for task automation, procedure orchestration, and capability development.
- Hands-on experience deploying and configuring security platforms, such as SIEM, SOAR, EDR, NGFW, and network monitoring tools.
- Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation.
- Experience building and deploying threat defense (SIEM) analytics using a detection engineering pipeline.
- Strong analytical skills with a keen attention to detail.
- Strong technical writing skills including documentation development, process mapping, and visualization, with the ability to translate complex technical concepts for a variety of technical audiences.
- Proven ability to work autonomously, lead projects from conception to implementation, and overcome roadblocks in a highly collaborative environment.