Senior Security Engineer
Boston MA
Long-Term Contract
5+ years in SOC / SecOps / Incident Response, with at least 2+ years focused on detection engineering.
Direct hands-on experience with Google Security Operations (Google SecOps / Chronicle) for:
o Writing and tuning YARA-L detection rules.
o Managing log sources and reference lists.
o Running investigations and hunts in SecOps.
Proven Detection as Code implementation:
o Detections stored as code in Git/GitHub (YAML/JSON or similar).
o Use of branches, pull requests, and code review for rule changes.
o CI/CD pipeline to test and deploy rules to Google SecOps (or another SIEM), not just manual uploads.
Strong Python for security engineering:
o Building data parsers and enrichment scripts.
o Automating interactions with Google SecOps / SIEM / SOAR APIs.
o Implementing test harnesses for detections (synthetic logs, unit tests).
Strong SOAR / playbook experience:
o Hands-on with Google SecOps SOAR or equivalent (Cortex XSOAR, Splunk SOAR, etc.).
o Built playbooks for phishing, suspicious logins, brute force, WAF events, including enrichment and containment steps.
Solid L2/L3 SOC capability:
o Has led investigations for account compromise, ransomware, and web app attacks.
o Comfortable owning incidents end-to-end and communicating updates to stakeholders.
Strong written and verbal communication in English, suitable for US customer calls and incident bridges.
If a CV does not clearly show Git-based DaC + Python + SOAR + L2 IR, it should not be considered.
Munesh,
CYBER SPHERE LLC