Purpose:
Our team is seeking an experienced Security Engineer to join our Cybersecurity team. This engineer is responsible for securing cloud environments by implementing and managing security controls, detecting threats, and establishing robust logging systems to monitor and audit cloud infrastructure and data. Responsibilities include assessing risks, performing vulnerability scans, responding to incidents, developing policies, and collaborating with teams to build secure cloud-native solutions.
Responsibilities:
- Be part of the architectural direction, administration, maintenance, documentation, and oversight of the Security Information and Event Management (SIEM) solution
- Create and maintain integrations and solutions for log collection, aggregation, indexing, search, and alerting
- Manage implementation, enhancement and adoption of the solutions built by the team into operations
- Utilize the cloud-based log ingestion platform CRIBL for onboarding relevant logs from all data sources
- Participate in ad-hoc incident response investigations
- Collect and review security logs from all systems (Azure, SaaS applications, GitLab, OS, Ping, etc.)
- Ensure compliance with internal policies, standards, and regulatory requirements
- Work with the Cyber monitoring team and contribute to the creation of runbooks
- Create and provide oversight for rule creation to generate actionable security alerts
- Identify inconsistencies in logs and work with development, infrastructure and security teams to standardize them
- Assist on root cause analysis (RCA) and security incident reviews
- Guarantee the availability and recoverability of the SIEM ecosystem
- Deploy, configure, and manage SSPM solutions (e.g., CrowdStrike Falcon Shield, Adaptive Shield, AppOmni)
- Integrate SSPM with major SaaS platforms (Microsoft 365, Salesforce, Google Workspace, Workday, etc.)
- Monitor SaaS environments for misconfigurations, excessive permissions, and compliance gaps
- Develop remediation workflows and integrate them with SOAR/ticketing systems
- Align SSPM controls with compliance standards (ISO, SOC 2, GDPR, HIPAA) based on requirements
VS&Co provides a range of compensation for this role as shown. Your actual salary will be determined by a number of factors, including: your specific skills and experience, geographic region, or other relevant factors.
Qualifications:
Education & Skill:
- Bachelor's / Master's degree in Information Systems, Engineering, Mathematics, Computer Science or Cyber Security, or equivalent experience
- Deep technical knowledge of systems in a multi-tenant, cloud environment
- Strong knowledge of networking protocols (TCP/IP, DNS, HTTP)
- Familiarity with Linux and Windows server environments
- Experience with cloud platforms such as AWS, Azure, or Google Cloud
- Scripting skills for automation (e.g., Python, PowerShell)
- Good analytical, communication, and stakeholder management skills
- Ability to work effectively in a team environment and contribute to collective success
Work Experience:
- 5-7 years of experience supporting log management solutions, having worked on cloud-security solutions
- Experience operating CrowdStrike Falcon Shield or related technologies for securing SaaS solutions
- Knowledge of data center and cloud network architectures
- Familiarity with Linux and Windows server environments
- Basic knowledge of incident investigation/response, including SIEM analyst experience
- Practical experience building and implementing event correlation rules, logic, and content in security information and event management (SIEM) systems such as QRadar, Splunk, Sentinel, etc.
- Practical experience in tuning SIEM event correlation rules and logic
- Practical experience in maintaining an event schema with customized security severity criteria
- Basic experience in creating scheduled and ad-hoc reporting with SIEM tools
- Detailed knowledge of SIEM technologies and event collector deployments in Windows and Linux operating environments