Senior Engineer, Security Operations
LogRhythm is a world leader in NextGen Security Information and Event Management (SIEM), empowering organizations to successfully reduce risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. Our platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security automation & orchestration (SAO) in a single end-to-end solution. Among other accolades, LogRhythm is positioned as a Leader in Gartner’s SIEM Magic Quadrant.
We are based in Boulder, CO with offices in Maidenhead UK, Dubai, Australia, Singapore, Germany and The Netherlands.
Opportunity
The Senior Engineer for Security Operations will report directly to the Chief Information Security Officer (CISO). You will be ultimately responsible for protecting our network, systems, applications, and employees, from damaging threats to our company and brand. You will have access to state of the art technology and intelligence. You’ll be expected to build and maintain integrations and automations in support of our security operations analyst team and their efforts in triaging events, threat hunting, and incident response. The ability to detect and respond quickly and effectively is critical in preventing a breach. The Senior Engineer will be measured on their ability to streamline these processes (with technology) to help the security operations program realize its mission. You’ll also support and ensure the security of our products is up to standard and develop or recommend current and future product development initiatives.
Responsibilities
- Maintain SIEM, IDS, endpoint and network technologies, and physical security systems
- Develop integrations across technologies and automations in support of event and incident triage, threat hunting, and incident response, including the associated documentation
- Use industry-leading commercial and open source software tools that detect, evaluate, triage, prioritize, and respond to security events.
- Maintain and improve security systems and develop improved security architecture
- Be an escalation point (including on-call support) for our managed security services (physical and cyber), which are used for general triage both during and after business hours.
- Act as a subject matter expert in security operations and, specifically, security engineering in support of marketing, public relations, sales, business development, and research and development.
- Support vulnerability management and penetration tests.
- Provide guidance and support to the development of corporate information security policies, standards, and guidelines.
Qualifications
- Security professional with 3-5 years of hands-on deep technical experience in the industry
- Strong understanding of SIEM, network, and endpoint security technologies
- Strong understanding and experience with one or more of the following:
  - Python, PowerShell, Bash, PHP, HTML, .NET, C#, C++
- Strong understanding of APIs and JSON
- Demonstrable experience building integrations and automations
- Knowledge of the workflow associated with security analysis, threat hunting, threat intelligence, forensics, flow analysis, and log management
- Excellent communication skills – both written and verbal
- Security certifications are nice to have but not required. A few recommended ones:
  - OSCE, OSCP, GMON, GCED, GREM, GCIA, GCIH, GSEC, CISSP, etc.