Security Engineer

Security Engineer

Security Engineer Position Overview
Reporting to the Security Team Lead, the Security Engineer is a hands-on technical expert responsible for maintaining and enhancing Infrastructure's enterprise security posture. This role supports cloud and on-premise platforms and provides security oversight across infrastructure, networking, data protection, privacy, IT operations, and internal support teams including the Service Desk. The successful candidate is knowledgeable about architecture, engineering, and design principles and participates in planning and design of configuration policies and maintenance.

Security Engineer Key Responsibilities (Essential Duties and Functions)
Key responsibilities include security and systems design, implementation, testing, and administration across a wide variety of security tools including but not limited to Splunk, ServiceNow, Microsoft Defender for Endpoint/365, Palo Alto firewalls, Cortex XSOAR, Cisco ISE, Identity and Access Management (IdAM), MFA, EPP/EDR platforms, and Qualys or equivalent vulnerability management tools. Because this role directly supports and interfaces with other business functions, strong listening and communication skills are expected.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.

• Manage And administer large security tool deployments, ensuring they meet scalability, reliability, and performance requirements.
• Design, develop, test, and implement risk-based alerting, custom queries, and dashboards to support detection and response to security threats.
• Use security tools to enhance threat detection, including correlation searches, event aggregation, and incident response workflows.
• Develop and maintain operational runbooks, processes, and procedures in collaboration with other cross-functional teams.
• Document security tool configurations, workflows, and detections; generate regular security reports.
• Work closely with cross-functional teams including SOC analysts, network engineers, and system administrators to provide technical guidance, expertise, and support effective integration of security monitoring solutions.
• Lead and participate in daily security operations, including vulnerability and asset management, incident response, and security awareness programs.
• Provide guidance to IT and business teams on security requirements, risk mitigation, and effective security controls.
• Respond to security risks and inquiries from stakeholders with timely, practical guidance.
• Serve as a backup point of contact to the Security Team Lead.

Security Engineer Qualifications
Sufficient education, training and/or work experience to demonstrate possession of the following knowledge, skills, and abilities.

Education/Experience

• 5+ years of experience as a Security Engineer or Senior Security Operations Analyst.
• Bachelor's degree in information security, Computer Science, Information Technology, or related field.
• Two or more industry-recognized certifications such as GIAC, CISSP, CEH, Security+, or CISM.
• Microsoft Azure and/or Palo Alto Networks certifications preferred.

Knowledge/Skill Requirements

• Highly trustworthy; leads by example.
• Detail oriented, self-motivated, proactive, and creative, with effective application of logic, reasoning, problem solving.
• Ability to work on cross-functional teams and collaborate with technical and non-technical teams to develop and improve processes and systems.
• Ability to communicate professionally, both verbally and in writing in a timely manner.
• Demonstrates strong leadership qualities that can be used to guide a project.
• Ability to self-organize and prioritize work; and strong ability to work with time/date deadlines.
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
• Demonstrated problem-solving abilities to manage complex local and international security requirements.
• Experienced in writing and maintaining technical documentation.
• Experience in administering or supporting some of the following or similar technologies in a large enterprise environment: including Splunk, ServiceNow, Microsoft Defender for Endpoint/365, Palo Alto firewalls, Cortex XSOAR, Cisco ISE, Identity and Access Management (IdAM), MFA, EPP/EDR platforms, or Qualys VMDR.
• Understand a wide range of system configuration, vulnerability management, and hardening guidelines with an ability to identify and position security controls in anticipation of threats.
• Knowledge of risk-based alerting methodologies and threat intelligence integration.
• Familiarity with scripting languages such as Python, Ruby, PowerShell, and JavaScript for automation.
• Ability to develop and use regular expressions (Regex).
• Ability to develop custom content including scheduled searches, reports, and/or dashboards.
• Strong Linux and Windows support skills.
• Familiarity with different types of log data such as firewall logs, cloud app logs, windows event codes etc.
• Familiarity or experience with multiple solutions and frameworks such as SIEM; directory services; NIST Cybersecurity Framework (CSF), MITRE ATT&CK and D3FEND; endpoint detection and response capabilities. Experience with pen testing, risk assessment tools, and compliance audits.
• Experience developing and delivering security awareness and training programs. Fluent in English.

Work and Physical Requirements
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

• Ability to sit for extended periods.
• Ability to safely lift up to 50 pounds.
• Based in or willing to work in Atlanta, GA.
• Ability to travel overnight up to 25% based on business needs.
• Ability to drive up to 4 hours for onsite services and meetings.
• Must pass background, drug, and alcohol screening.
• Willingness to work outside normal business hours when responding to critical incidents or major project deliverables.

#RT
#DICEJOBS