Senior Cybersecurity Engineer- 3+ yrs- Remote

Overview

Remote
Depends on Experience
Accepts corp to corp applications
Contract - Independent
Contract - 6 month(s)
No Travel Required

Skills

Python
Splunk
Bash
CISSP
PowerShell
Experience in SIEM (Devo
Experience with scripting languages (Python
APTs
SOAR technologies.
GCIH
GCFA
OSCP

Job Details

Job description:

Experienced Senior Cybersecurity Engineer with proficiency in next-generation SIEM (Security Information and Event Management) that uses AI and threat intelligence to identify sophisticated threats and risks, along with a background in global deployment and automation, programming, and security operations. Possesses deep technical expertise in IT and cloud environments. Adept at leading incident detection and response efforts, committed to continuous improvement and to staying abreast of the latest security threats and technologies.

Key Skills:

  • SIEM (Security Information and Event Management): Hands-on expertise with Devo; the ability to build correlations using Devo/Splunk is a must. Deep understanding of and experience in maintaining and optimizing SIEM (Devo or Splunk) rules. Has developed dashboards and reports for SIEM data analysis.
  • SOAR (Security Orchestration, Automation, and Response): Strong expertise in integrating SIEM with security automation and orchestration.
  • Threat Intelligence: Skilled in gathering, analyzing, and disseminating threat intelligence to improve incident response capabilities. Has used Devo Threat Intelligence Link.
  • Scripting and Automation: Proficient in scripting languages (e.g., Python, PowerShell) for automating and integrating with Devo.
  • Communication and Collaboration: Excellent communication skills for conveying incident status to stakeholders. Ability to communicate technical information effectively to both technical and non-technical audiences. Demonstrated ability to collaborate effectively under tight deadlines and in crisis situations.
  • Experience in performing security analytics to identify risks and define actionable alerts for the top risks.

Experience:

  • 3+ years of experience in SIEM (Devo, Splunk, etc.) administration roles is a must.
  • Led and managed numerous complex security incidents, including ransomware attacks, data breaches, and advanced persistent threats (APTs).
  • Experience with scripting languages (Python, Bash, etc.).
  • Developed and implemented security risk playbooks.
  • Analyzed threat intelligence to proactively identify and mitigate potential threats.
  • Provide recommendations to improve incident response efficiency by looking at risk patterns.
  • Security Orchestration, Automation, and Response: implementation and management of SOAR technologies.

Education:

  • Bachelor's or master's degree in Computer Science, Cybersecurity, or a related field.
  • Relevant industry certifications (e.g., CISSP, GCIH, GCFA, OSCP).

Responsibilities:

  • Maintain the SIEM (Security Information and Event Management); automate, integrate, and configure it for optimal performance, scalability, and security.
  • Work closely with security analysts (SOC team) to streamline security monitoring and security notifications.
  • Analyze threat intelligence and proactively hunt for threats.
  • Contribute to the continuous improvement of security operations.
  • Provide detailed reports to management regarding ongoing investigations.


About SSB Architech Ltd DBA iMedhas Consulting Services