GuidePoint Security is a rapidly growing cybersecurity company that provides trusted expertise and solutions to help organizations minimize risk. The Security Engineer role focuses on architecture, implementation, and troubleshooting of SIEM/SOAR solutions, developing log ingestion strategies, and creating security-focused content for various platforms.
Requirements:
- 3-5 years of architecture, implementation, and troubleshooting experience with one or more SIEM/SOAR solutions
- Proficiency developing log ingestion and aggregation strategies
- Expertise developing security-focused content for one or more SIEM platforms (Splunk ES, CrowdStrike NG-SIEM, Elastic Security, Palo Alto XSIAM, Google SecOps, Microsoft Sentinel, SentinelOne AI SIEM), including creation of complex threat detection logic and operational dashboards
- Expertise with SOAR platforms (Splunk SOAR, Palo Alto XSOAR, Tines, Torq)
- Familiarity with key security events on common IT platforms
- Deep proficiency in client and server operating systems including Windows, Mac, and Linux
- General networking and security troubleshooting (firewalls, routing, NAT, etc.)
- Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions
- Ability to autonomously prioritize and successfully deliver across a portfolio of projects
- Experience with platforms such as Ansible, Puppet, Chef, Terraform and SaltStack
- Experience with other Information Security solutions including CrowdStrike, SentinelOne, ZScaler, Palo Alto Networks, Check Point, Microsoft Defender products, Carbon Black, Splunk, and/or Cisco
- Experience authoring security runbooks, policy, and best practice documentation
- Bachelor's degree in a relevant discipline or equivalent professional experience