Senior Security Engineer

Job Description

We are seeking a highly skilled and experienced Senior Security Engineer to join our cybersecurity team. The ideal candidate will have a deep understanding of security technologies and practices, particularly in the areas of automation, cloud security, vulnerability management, endpoint protection, and security data analytics. You will play a pivotal role in securing our infrastructure, automating security operations, and ensuring that our security posture is both proactive and responsive to emerging threats. As a Senior Security Engineer, you will be working with cutting-edge technologies like Cortex XSOAR , Splunk , AWS , Terraform , Qualys , CrowdStrike , and Axonius . A strong foundation in penetration testing and experience in security data analytics using tools like Splunk will be crucial. The role will also require expertise in asset management using Axonius to track and manage assets within our environment. Additionally, the candidate should possess relevant certifications such as XSOAR , AWS , and Penetration Testing (OSCP) . Roles and Responsibilities Key Responsibilities: • Security Automation & Orchestration: Design, implement, and manage automated workflows in Cortex XSOAR to streamline security operations. Integrate multiple security tools, including Splunk , Qualys , CrowdStrike , and Axonius , into XSOAR to enable automated detection, response, and remediation actions. Leverage Terraform to define and provision cloud security resources and configurations. • Cloud Security (AWS): Design and implement security controls, monitoring, and automation in AWS environments. Work with cloud-native tools and services to enhance the security of infrastructure, including IAM , VPC , and EC2 security. Conduct security assessments on cloud services, identifying risks and implementing mitigation strategies. • Security Data Analytics with Splunk: Utilize Splunk for comprehensive security event monitoring, log analysis, and threat hunting across the infrastructure. Develop advanced search queries, dashboards, and alerts within Splunk to identify anomalies and potential threats. Leverage Splunk 's capabilities to correlate data from multiple sources and detect security incidents in real time. Conduct root cause analysis of incidents using Splunk and provide actionable insights for incident response and remediation. • Penetration Testing & Security Assessments: Perform basic penetration testing and vulnerability assessments to identify weaknesses in both cloud and on-prem systems. Collaborate with security teams to perform red team exercises and simulate real-world attacks to assess the effectiveness of existing defenses. • Incident Response & Investigation: Lead or support the investigation of security incidents, including detection, analysis, containment, and remediation. Provide recommendations for improvements to the overall security posture based on incident learnings. • Collaboration & Documentation: Collaborate with other security engineers and teams to improve overall security practices. Document security processes, workflows, and incident reports clearly and concisely. Educate and mentor junior security engineers and team members on security best practices and tools. Required Qualifications: • Experience: At least 5-7 years of experience in a security engineering role, with a strong background in security automation, cloud security, vulnerability management, and security data analytics . Hands-on experience with Cortex XSOAR to automate security operations and integrate security tools into centralized workflows. Proficiency with Splunk for security monitoring, alerting, and reporting. Experience securing AWS environments, including managing IAM , VPC , EC2 , and other cloud resources. Familiarity with Terraform for automating infrastructure as code (IaC) to provision and secure cloud resources. Experience with Qualys for vulnerability management, including scanning, remediation tracking, and reporting. Proficiency in CrowdStrike Falcon for endpoint protection and incident detection. Experience with Axonius for asset management, including inventory tracking, compliance monitoring, and integration with other security tools. Basic knowledge of penetration testing techniques, including identifying common vulnerabilities and exploiting weaknesses. • Certifications: Cortex XSOAR Certified (Preferred) or equivalent experience. AWS Certified Security or other relevant AWS certifications (Preferred). Offensive Security Certified Professional (OSCP) or other penetration testing certifications (Preferred). • Skills: Strong understanding of security concepts, protocols, and technologies. Familiarity with common attack vectors, exploit techniques, and security mitigation strategies. Experience in security event monitoring, log analysis, and threat hunting using SIEM platforms like Splunk . Knowledge of regulatory compliance frameworks such as NIST , ISO 27001 , SOC 2 , and GDPR . Solid scripting or programming skills ( Python , Bash , etc.) to automate tasks and processes. Strong analytical, troubleshooting, and problem-solving skills. Preferred Qualifications: AWS Certifications (e.g., AWS Certified Solutions Architect, AWS Certified DevOps Engineer) or similar certifications in Azure or GCP. Familiarity with security best practices in DevSecOps environments. Hands-on experience with serverless computing (e.g., AWS Lambda, Google Cloud Functions). Knowledge of SIEM (Security Information and Event Management) tools and how to configure and manage them. Experience working in Agile or DevOps environments. Strong troubleshooting skills for cloud infrastructure, security incidents, and workflow orchestration.