A remote Security role at Galaxy.
Original listing text, shown exactly as published by the company.
A collaborative and experienced Security Engineer with hands-on experience running a Security Operations Center (SOC) for a DataCenter. You're comfortable working with existing tooling to analyze and monitor day-to-day operations, as well as create your own scripts or tools in both cloud and on-prem. You work well with others to solve complex problems, contribute to system design, and ensure smooth, reliable operations. You're proactive in learning and applying new technologies to enhance performance and efficiency.
SOC Operations & Management: Oversee and manage the day-to-day operations of the Security Operations Center, including monitoring, analyzing, and responding to security alerts and incidents.
Threat Detection & Response: Identify, investigate, and respond to cybersecurity threats using advanced monitoring tools, SIEM platforms, and other security technologies.
Incident Management: Lead or support incident response activities, including root cause analysis, mitigation, and post-incident reporting.
Custom Scripting & Automation: Develop and maintain custom scripts (e.g., in Python, PowerShell, Bash) to automate security processes, improve threat detection, and streamline incident response workflows.
Security Monitoring & Analysis: Analyze logs, network traffic, and system behavior to detect potential security breaches or anomalies.
Tool Implementation & Optimization: Support the deployment, configuration, and optimization of security tools such as SIEM, SOAR, IDS/IPS, firewalls, and endpoint detection and response (EDR) solutions.
Collaboration with Teams: Work closely with IT, DevOps, and other security teams to ensure consistent security practices and to implement protective measures.
Security Policies & Procedures: Participate in the development and maintenance of security policies, procedures, and best practices.
Training & Mentoring: Provide guidance and mentorship to junior team members and contribute to the continuous improvement of the SOC team.
Experience working in or running a SOC
Strong scripting skills in Python, PowerShell, Bash, or similar languages, with experience in automating security tasks.
On-prem Firewall Rule and Configuration (Palo)
Experience with various on-prem and Cloud environments (VMware, AWS, Azure)
Experience with security log/analysis tools such as Splunk, ELK, SumoLogic, or similar SIEM platforms.
Experience with XDR, DLP, and UBA tools and concepts (Cortex, CrowdStrike, etc.)
Good understanding of network protocols and system security
Windows and Linux experience
Experience with CI/CD and DevOps practices
Strong problem-solving and analytical skills
Familiarity with version control (Git)
Excellent communication and collaboration skills
Flexible Time Off (i.e. unlimited paid vacation days)
Company paid Holidays (11)
Company paid sick leave
Galaxy
YC W21 · Security