Security Engineer (Alpharetta, GA)

Overview

Hybrid
Depends on Experience
Full Time
10% Travel

Skills

Security
SOC
Windows
Linux
PowerShell
Python
SIEM
Splunk
SOAR
WAF
DNS
IDS/IPS
DFIR
AWS CloudTrail
Azure
Security Operations
Security Engineering
Analysis & Intelligence
Security Certifications
ISSA
Cybersecurity
SOX
Risk Management

Job Details

**MUST BE LOCATED IN THE U.S. IN OR NEAR THE ALPHARETTA, GA AREA**

Security is tough. Trying to get users to do the right thing, trying to get software developers to write better code, trying to explain for the thirty-eighth time that the control the auditors want you to implement isn't supported in the application you're using are all run-of-the-mill obstacles. And that's just Monday morning before you've been able to sit down and review your IDS and SIEM alerts, do forensics on a couple of PCs you're curious about, or review the outbound firewall policies you meant to get to last week.

At Sierra-Cedar, we've got some difficult challenges and need your help to solve them. We're looking for someone who not only embraces those challenges but has the tenacity and finesse to pull it off spectacularly. Think you're good with security now? We'll challenge you to be better. If that statement makes your heart beat a little faster, then yes, you're fit to be one of us.

Candidate must be located in or near the Alpharetta, GA area. This is a full-time position, with requirements to be in the Alpharetta, GA office a few times per week.

POSITION OVERVIEW

This role is responsible for monitoring, investigating, and responding to security alerts while maintaining and enhancing the security infrastructure. The successful candidate will serve as both a frontline security analyst and a technical security engineer, ensuring comprehensive protection of our organization's digital assets.

Note: This role requires the ability to work in a fast-paced, 24/7 security operations environment and may include on-call responsibilities as needed.

QUALIFICATIONS

REQUIRED EXPERIENCE & SKILLS

  • Education: Bachelor's degree or higher is required
  • SOC Experience: Minimum 2+ years of hands-on experience in a Security Operations Center (SOC) environment with daily incident response and alert investigation
  • Technical Foundation: Strong expertise in operating systems (Windows, Linux, macOS), networking protocols, applications, and core information security principles
  • Security Architecture: Demonstrated experience with security system design, implementation, and maintenance
  • Communication: Ability to effectively communicate complex technical concepts to both technical and non-technical stakeholders, including executive leadership
  • Scripting Proficiency: 2+ years of experience in at least one of the following: PowerShell, Python, Bash, or other shell scripting languages
  • Work Authorization: Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
  • Location: Must already be living in the United States

REQUIRED TECHNICAL EXPERTISE

Experience with the following security technologies and platforms:

Detection & Response

  • Security Information and Event Management (SIEM) platforms (Splunk, QRadar, Sentinel, etc.)
  • Security Orchestration, Automation, and Response (SOAR) platforms
  • Endpoint Detection and Response (EDR) solutions
  • Network Detection and Response (NDR) tools

Network Security

  • Next-Generation Firewalls (NGFW) and Web Application Firewalls (WAF)
  • Intrusion Detection/Prevention Systems (IDS/IPS)
  • Network monitoring and analysis tools (Wireshark, tcpdump)
  • DNS security and monitoring solutions

Threat Intelligence & Analysis

  • Threat intelligence platforms and feeds
  • Malware analysis tools and sandboxing environments
  • Digital forensics and incident response (DFIR) methodologies
  • Vulnerability assessment and management tools

Cloud Security (Preferred)

  • Cloud security monitoring (AWS CloudTrail, Azure Security Center, etc.)
  • Container security and monitoring
  • Identity and Access Management (IAM) systems

POSITION RESPONSIBILITIES

SECURITY OPERATIONS

  • Incident Response: Lead comprehensive investigations of security incidents using established procedures, forensic methodologies, and threat hunting techniques
  • Alert Triage: Monitor, analyze, and respond to security alerts from multiple sources, determining severity and appropriate response actions
  • Threat Hunting: Proactively search for indicators of compromise and advanced persistent threats across the environment
  • Documentation: Maintain detailed incident reports, playbooks, and post-incident analysis documentation

SECURITY ENGINEERING

  • Technology Management: Deploy, configure, and maintain security technologies including SIEM, EDR, firewalls, and other defensive tools
  • Automation Development: Design and implement automated workflows to improve detection capabilities and response efficiency
  • Integration Projects: Lead implementation of new security technologies and integrate them with existing security stack
  • Performance Optimization: Continuously tune and optimize security tools to reduce false positives and improve detection accuracy

ANALYSIS & INTELLIGENCE

  • Log Analysis: Conduct deep-dive analysis of security logs, network traffic, and system events to identify threats and anomalies
  • Threat Intelligence: Research emerging threats, vulnerabilities, and attack techniques to enhance organizational defenses
  • Risk Assessment: Evaluate security risks and provide recommendations for mitigation strategies

GENERAL RESPONSIBILITIES

LEADERSHIP & COLLABORATION

  • Project Management: Effectively manage multiple security projects, resources, and timelines with minimal oversight
  • Team Leadership: Mentor junior analysts and provide technical guidance to cross-functional teams
  • Stakeholder Engagement: Collaborate with IT, compliance, and business teams to align security initiatives with organizational goals

STRATEGIC THINKING

  • Systems Architecture: Apply holistic thinking to understand how security solutions integrate with existing infrastructure and business processes
  • Innovation: Identify opportunities to improve security posture through new technologies and methodologies
  • Vendor Management: Participate in technology evaluations, vendor briefings, and procurement processes

PROFESSIONAL EXCELLENCE

  • Continuous Learning: Stay current with cybersecurity trends, threat landscape, and emerging technologies
  • Quality Focus: Demonstrate attention to detail and commitment to operational excellence
  • Decision Making: Exercise sound judgment in high-pressure situations and provide clear rationale for security decisions
  • Communication: Present complex security information clearly to diverse audiences, from technical staff to executive leadership

ADMINISTRATIVE EXCELLENCE

  • Process Adherence: Follow established policies, procedures, and compliance requirements
  • Documentation: Maintain accurate and comprehensive documentation of security operations and procedures
  • Reporting: Provide regular status updates and metrics to management on security operations performance

PREFERRED QUALIFICATIONS

PROFESSIONAL EXPERIENCE

  • Endpoint Forensics: Experience in endpoint forensics and incident investigation roles
  • High Availability Environments: Experience operating in datacenter, service provider, AWS, or similar high availability environments
  • Advanced Scripting: 3+ years of experience with automation and advanced scripting techniques

TECHNICAL SKILLS

  • Splunk Experience: Hands-on experience with Splunk (a plus but not required)
  • Cloud Platforms: Advanced experience with cloud security (AWS, Azure)
  • DevSecOps: Knowledge of DevSecOps practices and CI/CD pipeline security

CERTIFICATIONS & PROFESSIONAL DEVELOPMENT

Security Certifications: At least one information security certification from recognized organizations such as:

  • ISACA (CISA, CISM, CRISC)
  • GIAC (GCIH, GCFA, GSEC, GNFA, GREM)
  • OpenText (EnCase certifications)
  • ISC2 (CISSP, CCSP, SSCP)
  • CompTIA (Security+, CySA+, CASP+)

Industry Affiliations: Active membership or participation in professional organizations such as:

  • Information Systems Security Association (ISSA)
  • Data Security Council of India (DSCI)
  • InfraGard
  • GIAC Advisory Board
  • Local cybersecurity meetups and professional groups

COMPLIANCE & FRAMEWORKS

  • Regulatory Knowledge: Experience with compliance frameworks (SOX, PCI-DSS, NIST Cybersecurity Framework, ISO 27001/27002)
  • Risk Management: Understanding of enterprise risk management principles and practices

ABOUT SIERRA-CEDAR

Sierra-Cedar is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other legally protected basis, in accordance with applicable law.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.