GuidePoint Security is a rapidly growing cybersecurity company that provides trusted expertise, solutions, and services to help organizations minimize risk. The Security Engineer role involves architecture, implementation, and troubleshooting of SIEM/SOAR solutions, developing security-focused content, and optimizing security posture for clients.
Responsibilities:
- Architecture, implementation, and troubleshooting of SIEM/SOAR solutions for clients
- Developing security-focused content (detection logic, dashboards, and automation) on those platforms
- Optimizing client security posture through log ingestion, detection, and response engineering
Requirements:
- 1-2 years of architecture, implementation, and troubleshooting experience with one or more SIEM/SOAR solutions
- Proficiency developing log ingestion and aggregation strategies
- Expertise developing security-focused content for one or more SIEM platforms (Splunk ES, CrowdStrike NG-SIEM, Elastic Security, Palo Alto XSIAM, Google SecOps, Microsoft Sentinel, SentinelOne AI SIEM), including creation of complex threat detection logic and operational dashboards
- Expertise with SOAR platforms (Splunk SOAR, Palo Alto XSOAR, Tines, Torq)
- Familiarity with key security events on common IT platforms
- Deep proficiency in client and server operating systems including Windows, macOS, and Linux
- General networking and security troubleshooting (firewalls, routing, NAT, etc.)
- Scripting and development skills (Bash, Perl, Python, or Java) with strong knowledge of regular expressions
- Ability to autonomously prioritize and successfully deliver across a portfolio of projects
- Experience with other information security solutions including CrowdStrike, SentinelOne, Zscaler, Palo Alto Networks, Check Point, Microsoft Defender products, Carbon Black, Splunk, and/or Cisco
- Experience authoring security runbooks, policy, and best practice documentation
- Bachelor's degree in a relevant discipline or equivalent professional experience