Title: Security Engineer - Hybrid
Mandatory skills:
Tanium, CrowdStrike Falcon,
Jamf Protect, day-to-day operations, policy management, agent health, troubleshooting,
production security tooling, Incident triage, escalation handling, Managing requests, exclusions, detections, configuration updates,
endpoint telemetry, logging pipelines, Logstash, Beats, Auditbeat,
Linux systems fundamentals, Troubleshooting host-level issues, system logs, process behavior,
Python, APIs for reporting, system management, platform upgrades, migrations, Endpoint agents, logging infrastructure,
Tuning alerts, reducing false positives, Validating detection logic, test events, synthetic events,
endpoint detection, response workflows, Threat response actions, Memory, behavioral detection concepts,
data platforms, observability tools, Elasticsearch, Kibana, ClickHouse
Description:
Security Engineer
Required Skills (Core)
Hands-on experience operating endpoint security platforms, with strong proficiency in at least one of the following:
Tanium (preferred)
CrowdStrike Falcon
Jamf Protect (Expectation: day-to-day operations, policy management, agent health, and troubleshooting)
Experience supporting production security tooling environments, including:
Incident triage and escalation handling
Managing requests (e.g., exclusions, detections, configuration updates)
Working knowledge of endpoint telemetry and logging pipelines, such as:
Logstash, Beats (Auditbeat), or similar tools (Expectation: ability to validate data flow and troubleshoot ingestion issues)
Strong Linux systems fundamentals, including:
Troubleshooting host-level issues
Understanding system logs and process behavior
Experience with scripting and automation (Python preferred):
Automating operational tasks
Integrating with APIs for reporting or system management
Experience with platform upgrades and migrations, including:
Endpoint agents or logging infrastructure
Preferred Skills
Experience improving detection quality, including:
Tuning alerts and reducing false positives
Validating detection logic using test/synthetic events
Familiarity with endpoint detection and response workflows, such as:
Threat response actions
Memory or behavioral detection concepts
Exposure to data platforms and observability tools, such as:
Elasticsearch / Kibana
ClickHouse
TECHNICAL SKILLS
Must Have
Apache Kafka
API Integrations
Certificate Management
CrowdStrike Falcon
Data Visualization and Metrics
Elastic Logstash
Endpoint Security Engineering
GitHub
Incident Triage & Escalation
Jamf Protect
Linux Systems Administration
Logstash / Beats Pipelines
Platform Reliability & Monitoring
Postgres Database
Python Scripting and Automation
Runbook & Documentation Development
Security Logging
Tanium / CrowdStrike / Jamf Administration
Telemetry/Observability (Grafana & Telegraf)
Nice To Have
Ansible
Apache Hadoop, Apache Hive, Apache Spark, Apache Spark ecosystem, Big Data
Chef
DevOps-based tools like Terraform
DevOps tools like Jenkins
Docker Containers
Google Cloud Infrastructure
Google Cloud Security
Java, Spring Boot
Kubernetes
Velociraptor Incident Response
Notes:
Hybrid
Tues/Wednesday onsite - then remote
VIVA USA is an equal opportunity employer and is committed to maintaining a professional working environment that is free from discrimination and unlawful harassment. The Management, contractors, and staff of VIVA USA shall respect others without regard to race, sex, religion, age, color, creed, national or ethnic origin, physical, mental or sensory disability, marital status, sexual orientation, or status as a Vietnam-era, recently separated veteran, Active war time or campaign badge veteran, Armed forces service medal veteran, or disabled veteran. Please contact us at for any complaints, comments and suggestions.
Contact Details:
Account co-ordinator: Ramadas Kumaresan
VIVA USA INC.
3601 Algonquin Road, Suite 425
Rolling Meadows, IL 60008