Key skills
AWSAzureCloudCyber SecurityGoogle Cloud PlatformLinuxPythonSplunkTCP/IPPowerShellMachine LearningGCPGoogle CloudCloud Security
About this role
Role Overview
- Perform Resident Engineer (Extended Expertise) support focused on Endpoint Protection
- Provide endpoint protection and response expertise including incident response, threat hunting, and SOC support
- Assist with Splunk log parsing, XDR deployment, and cloud security monitoring
- Help with customer enablement, troubleshooting, and best-practice guidance
Requirements
- 10+ years of relevant, professional experience
- Endpoint protection deployment, operationalization, troubleshooting, training experience
- Experience as a Security Incident Responder or SOC analyst/manager
- Familiarity with cloud technologies, providers (GCP, AWS, Azure), use-cases
- Networking experience in TCP/IP, OSI Model, troubleshooting, analysis
- Experience in customer-facing roles
- Familiarity with machine learning and its various applications within cybersecurity
- Threat hunting and detection engineering experience of tuning alerts, development of custom BIOCs, and development of correlation rules for new log sources
- Experience with log ingestion and parsing rules for XDR
- The ability to develop and maintain scripts in Python or Powershell is a plus
- Experience with SIEM tools, such as Splunk
- Basic Linux system administration & troubleshooting experience.
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Google Cloud Platform
- Linux
- Python
- Splunk
- TCP/IP
Benefits
- Ongoing learning and development opportunities
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements