Dahl Consulting is partnering with a large, enterprise-scale organization in the retail and consumer services industry to identify a Security Engineer. This role involves supporting and evolving endpoint security platforms, ensuring effective telemetry and response mechanisms, and maintaining the reliability of security tooling in a fast-paced environment.
Responsibilities:
- Operating and supporting endpoint security platforms such as Tanium, CrowdStrike Falcon, and Jamf Protect
- Performing incident triage, escalation, and operational response for endpoint-related security events
- Managing configuration requests, detections, exclusions, and platform changes in production environments
- Supporting endpoint telemetry and logging pipelines (e.g., Logstash, Beats) and troubleshooting ingestion or data quality issues
- Maintaining and improving Linux-based systems that underpin security tooling
- Developing Python-based automation and scripts to streamline operational workflows and API integrations
- Supporting platform upgrades, migrations, and agent lifecycle management
- Creating and maintaining runbooks and technical documentation to support operational readiness
- Monitoring platform health, reliability, and observability using metrics and dashboards
Requirements:
- Hands-on experience operating endpoint security platforms, with strong proficiency in at least one of Tanium (preferred), CrowdStrike Falcon, or Jamf Protect: day-to-day operations, policy management, agent health, and troubleshooting
- Experience supporting production security tooling environments, including incident triage and escalation, and request management (detections, exclusions, configuration changes)
- Experience with endpoint telemetry, logging, and observability, including security logging, Elastic Logstash/Beats pipelines (Auditbeat or similar), Apache Kafka, data validation, ingestion troubleshooting, and metrics analysis
- Strong Linux systems administration skills, including host-level troubleshooting, system logs, process behavior, and performance analysis
- Experience with scripting and automation in Python, including automating operational tasks and API integrations for reporting and systems management
- Experience supporting platform upgrades and migrations for endpoint agents or logging infrastructure
- Familiarity with platform reliability and monitoring, and with telemetry and observability tools such as Grafana and Telegraf
- Experience using GitHub for version control, Postgres databases, and certificate management
- Ability to develop and maintain runbooks and technical documentation
- Experience improving detection quality, including alert tuning, false-positive reduction, and validation using test or synthetic events
- Familiarity with endpoint detection and response (EDR) workflows, including threat response actions and behavioral or memory-based detection concepts
- Experience with observability and data platforms such as Elasticsearch/Kibana and ClickHouse
- Exposure to DevOps and infrastructure tooling, including Ansible, Chef, Terraform, Jenkins, Docker, and Kubernetes
- Experience with big data technologies such as Apache Hadoop, Hive, and the Spark ecosystem
- Familiarity with Google Cloud infrastructure and security
- Experience with Java and Spring Boot
- Exposure to Velociraptor for incident response