Security Services Principal

Overview

On Site
Compensation information provided in the description
Full Time

Skills

Finance
Problem Solving
Conflict Resolution
Innovation
ROOT
Business Analytics
Business Analysis
Computer Science
Information Systems
Routing
Data Flow
Data Processing
SIEM
Splunk
Palo Alto
Orchestration
Artificial Intelligence
Cyber Security
Real-time
Threat Analysis
Machine Learning (ML)
Algorithms
Collaboration
Communication
JIRA
Project Management
Issue Tracking
Incident Management
Management
Workflow
Reporting
Customization
Dashboard
Interfaces
ServiceNow
IT Service Management
Operational Efficiency
System On A Chip

Job Details

Job Description

We are at the forefront of transforming the future of technology in the financial industry, and we seek curious, practical individuals to help us pave the way. Our team is not intimidated by taking calculated risks, as they relish a good challenge and are eager to engage in problem-solving. As a member of our team, you will work alongside like-minded experts in a culture that is deeply rooted in innovation and progression. Join us to be part of a transformative journey that can shape the industry's future.

We are seeking a skilled and experienced Security Services Principal Engineer to play a crucial role in monitoring and analyzing our organization's security infrastructure, detecting and responding to potential threats and incidents, and ensuring the overall security of our systems.

This position offers a hybrid work schedule from our San Diego, CA or El Segundo, CA office.

What will you do:

  • Ensure SOC platforms are running, maintained, and optimized so that SOC analysts can monitor security events and alerts from various sources, including Splunk and other security tools.
  • Assist in analyzing and investigating security incidents to determine their root cause, impact, and potential risks.
  • Configure and maintain CRIBL and Splunk platforms to ensure efficient log aggregation, correlation, and event analysis. Create and fine-tune CRIBL platform and Splunk correlation alerts to detect security incidents effectively.
  • Collaborate with internal teams to configure and maintain SOC platforms.


What you will have:

  • BA/BS in Computer Science, Information Systems, or a related field (or equivalent experience).
  • 6+ years of relevant experience as a Security Services Principal Engineer, along with expertise in the following tools and technologies:


CRIBL

  • Proficiency in utilizing Cribl for data routing, filtering, and transformation.
  • Experience with Cribl Stream and Cribl Edge for optimizing data flow.
  • Ability to configure and manage Cribl LogStream for real-time data processing.
  • Skilled in integrating Cribl with Splunk and other SIEM solutions.
  • Capable of troubleshooting and resolving issues within Cribl environments.
  • Understanding of Cribl's role in enhancing data observability and security.

Splunk

  • Expertise in developing and managing Splunk applications, dashboards, and visualizations.
  • Proficient in Splunk Query Language for creating efficient and reusable searches.
  • Skilled in designing, deploying, and maintaining Splunk infrastructure.
  • Ability to troubleshoot and resolve issues within the Splunk environment.
  • Experience with integrating Splunk with various systems and data sources.
  • Knowledge of managing Splunk knowledge objects (Apps, Dashboards, Saved Searches, Alerts).


Palo Alto XSOAR

  • Expertise in designing and implementing automated security orchestration and response workflows.
  • Proficient in integrating XSOAR with various security tools and data sources.
  • Ability to create and manage playbooks for incident response and threat mitigation.
  • Skilled in customizing XSOAR dashboards and reports for SOC operations.
  • Experience with troubleshooting and optimizing XSOAR integrations.
  • Knowledge of utilizing XSOAR for threat intelligence and automated response actions.


Darktrace

  • Proficiency in deploying and managing Darktrace's AI-driven cybersecurity solutions.
  • Skilled in configuring Darktrace for real-time threat detection and autonomous response.
  • Ability to analyze and interpret Darktrace alerts and threat intelligence data.
  • Experience with integrating Darktrace with other security platforms and tools.
  • Capable of troubleshooting and resolving issues within Darktrace environments.
  • Understanding of Darktrace's machine learning algorithms and their application in threat detection.


Integrations with Jira

  • Proficiency in integrating Jira with security tools for streamlined incident tracking and management.
  • Skilled in creating and managing workflows and automation rules within Jira.
  • Experience with configuring Jira for effective SOC team collaboration and communication.
  • Ability to troubleshoot and resolve integration issues between Jira and other platforms.
  • Knowledge of leveraging Jira for project management and issue tracking within a SOC environment.


Integrations with ServiceNow

  • Expertise in integrating ServiceNow with various security tools for efficient incident response and management.
  • Proficient in configuring ServiceNow workflows, automation, and reporting for SOC operations.
  • Skilled in customizing ServiceNow dashboards and interfaces to meet SOC requirements.
  • Experience with troubleshooting and optimizing ServiceNow integrations.
  • Ability to leverage ServiceNow for IT service management and operational efficiency within a SOC.


The salary range for this role is $145,000.00 - $185,000.00 plus a competitive performance-based bonus. Compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years and depth of experience, certifications, and specific office location. Compensation ranges may differ between locations due to cost-of-labor considerations.

About Cetera Financial Group, Inc.