Title - Senior Security Engineer
Location - Onsite @ Boston, MA
Duration - Contract
Must-Have Skills (Hard Filters)
Use these as non-negotiables:
- 5+ years in SOC / SecOps / Incident Response, with at least 2+ years focused on detection engineering.
- Direct hands-on experience with Google Security Operations (Google SecOps / Chronicle) for:
  o Writing and tuning YARA-L detection rules.
  o Managing log sources and reference lists.
  o Running investigations and hunts in SecOps.
- Proven Detection-as-Code implementation:
  o Detections stored as code in Git/GitHub (YAML/JSON or similar).
  o Use of branches, pull requests, and code review for rule changes.
  o CI/CD pipeline to test and deploy rules to Google SecOps (or another SIEM), not just manual uploads.
- Strong Python for security engineering:
  o Building data parsers and enrichment scripts.
  o Automating interactions with Google SecOps / SIEM / SOAR APIs.
  o Implementing test harnesses for detections (synthetic logs, unit tests).
- Strong SOAR / playbook experience:
  o Hands-on with Google SecOps SOAR or equivalent (Cortex XSOAR, Splunk SOAR, etc.).
  o Built playbooks for phishing, suspicious logins, brute force, and WAF events, including enrichment and containment steps.
- Solid L2/L3 SOC capability:
  o Has led investigations for account compromise, ransomware, and web application attacks.
  o Comfortable owning incidents end to end and communicating updates to stakeholders.
- Strong written and verbal communication in English, suitable for US customer calls and incident bridges.
If a CV does not clearly show Git-based DaC + Python + SOAR + L2 IR, it should not be considered.
Regards,
Sai Srikar
Email: